CVE-2022-38699
Armoury Crate Service (ASUS Armoury Crate Service) is affected by a symbolic-link vulnerability in its logging function. The issue arises because the logging path validation does not detect if the log file is a symbolic link, enabling a physical attacker with general user privileges to modify the...