EUVD-2018-10259

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

ASUS Aura Sync driver allows arbitrary DWORD write to any address in versions v1.07.22 and earlier

Reporter	Title	Published	Views	Family All 8
0day.today	ASUS Aura Sync versions 1.07.22 Driver Privilege Escalation Exploit	23 Dec 201800:00	–	zdt
CNVD	ASUS Aura Sync Arbitrary Code Execution Vulnerability	24 Dec 201800:00	–	cnvd
CVE	CVE-2018-18537	26 Dec 201820:00	–	cve
Cvelist	CVE-2018-18537	26 Dec 201820:00	–	cvelist
NVD	CVE-2018-18537	26 Dec 201821:29	–	nvd
Packet Storm	ASUS Driver Privilege Escalation	21 Dec 201800:00	–	packetstorm
Prion	Path traversal	26 Dec 201821:29	–	prion
ThreatPost	BYO-Bug Tactic Attacks Windows Kernel with Outdated Driver	10 Feb 202021:07	–	threatpost

[
  {
    "enisaIdVendor": [
      {
        "id": "0a08d190-03bd-3d42-9eef-1f9e0f9565d0",
        "vendor": {
          "name": "n/a"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "631004c8-96b1-33e1-ace6-24a2e6d06c87",
        "product": {
          "name": "n/a"
        },
        "product_version": "n/a"
      }
    ]
  }
]

Source	Link
packetstormsecurity	www.packetstormsecurity.com/files/cve/CVE-2018-18537
securityfocus	www.securityfocus.com/bid/106250
packetstormsecurity	www.packetstormsecurity.com/files/150893/ASUS-Driver-Privilege-Escalation.html
secureauth	www.secureauth.com/labs/advisories/asus-drivers-elevation-privilege-vulnerabilities
seclists	www.seclists.org/fulldisclosure/2018/Dec/34
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

5.5Medium risk

Vulners AI Score5.5

CVSS 35.5

CVSS 22.1

EPSS0.00089