ASUS SetupAsusServices v1.0.5.1 in Asus Armoury Crate v5.3.4.0 contains an unquoted service path vulnerability which allows local users to launch processes with elevated privileges.
References
| Link | Resource |
|---|---|
| http://asus.com | Product |
| http://setupasusservices.com | Product |
| https://irradiate.com.au/blog/CVE-2023-26911 | Third Party Advisory |
| http://asus.com | Product |
| http://setupasusservices.com | Product |
| https://irradiate.com.au/blog/CVE-2023-26911 | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 07:52
| Type | Values Removed | Values Added |
|---|---|---|
| References | () http://asus.com - Product | |
| References | () http://setupasusservices.com - Product | |
| References | () https://irradiate.com.au/blog/CVE-2023-26911 - Third Party Advisory |
04 Aug 2023, 19:40
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:a:asus:armoury_crate:*:*:*:*:*:*:*:* cpe:2.3:a:asus:setupasusservices:*:*:*:*:*:*:*:* |
|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
| References | (MISC) http://asus.com - Product | |
| References | (MISC) http://setupasusservices.com - Product | |
| References | (MISC) https://irradiate.com.au/blog/CVE-2023-26911 - Third Party Advisory | |
| CWE | CWE-428 |
26 Jul 2023, 14:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-07-26 14:15
Updated : 2024-11-21 07:52
NVD link : CVE-2023-26911
Mitre link : CVE-2023-26911
CVE.ORG link : CVE-2023-26911
JSON object : View
Products Affected
asus
- armoury_crate
- setupasusservices
CWE
CWE-428
Unquoted Search Path or Element