Insufficient Access Control in ASUS AURA SYNC Driver
CVE-2019-25764
7.3HIGH
What is CVE-2019-25764?
The ASUS AURA SYNC driver contains a flaw that exposes IOCTL with insufficient access control, allowing local users to evade verification mechanisms. This security gap enables attackers to invoke arbitrary IOCTLs, leading to potential privilege escalation on affected systems. For further details and updates regarding legacy drivers, please refer to the official ASUS Security Advisory.
Affected Version(s)
AURA SYNC 0 < 1.07.84