CVE-2024-33221

2024-05-2215:15:28

[email protected]

web.nvd.nist.gov

asusbsitf.sys

asustek computer inc

bios flash

privilege escalation

arbitrary code execution

crafted ioctl requests

7.7 High

AI Score

Confidence

High

0 Low

EPSS

Percentile

0.0%

JSON

An issue in the component AsusBSItf.sys of ASUSTeK Computer Inc ASUS BIOS Flash Driver v3.2.12.0 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests.

References

github.com/DriverHunter/Win-Driver-EXP/tree/main/CVE-2024-33221