Lucene search
HistoryJul 21, 2022 - 5:15 p.m.
CVE-2022-35899
asustek
aura ready
game sdk
unquoted service path
escalation of privileges
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0
Percentile
15.9%
There is an unquoted service path in ASUSTeK Aura Ready Game SDK service (GameSDK.exe) 1.0.0.4. This might allow a local user to escalate privileges by creating a %PROGRAMFILES(X86)%\ASUS\GameSDK.exe file.
Affected configurations
Node
asusaura_ready_game_software_development_kitMatch1.0.0.4
microsoftwindowsMatch-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| asus | aura_ready_game_software_development_kit | 1.0.0.4 | cpe:2.3:a:asus:aura_ready_game_software_development_kit:1.0.0.4:*:*:*:*:*:*:* |
| microsoft | windows | - | cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* |
Related
zdt
zdt
Asus GameSDK 1.0.0.4 Unquoted Service Path Vulnerability
2022-07-20 00:00:00
packetstorm
packetstorm
Asus GameSDK 1.0.0.4 Unquoted Service Path
2022-07-19 00:00:00
cvelist
cvelist
CVE-2022-35899
2022-07-21 16:14:44
cve
cve
CVE-2022-35899
2022-07-21 17:15:08
exploitdb
exploitdb
Asus GameSDK v1.0.0.4 - 'GameSDK.exe' Unquoted Service Path
2022-07-29 00:00:00
prion
prion
Code injection
2022-07-21 17:15:00
openvas
openvas
Microsoft Windows Unquoted Path Vulnerability (SMB Login)
2018-03-23 00:00:00
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0
Percentile
15.9%
Related for NVD:CVE-2022-35899