Unquoted Service Path Vulnerability in Asus Armoury Crate
CVE-2023-26911

7.8HIGH

Key Information:

Vendor: Asus
Status: Armoury Crate; Setupasusservices
Vendor: CVE Published:; 26 July 2023

What is CVE-2023-26911?

ASUS Armoury Crate versions include an unquoted service path vulnerability in SetupAsusServices that enables local users to execute processes with elevated privileges. This configuration flaw can be exploited to gain unauthorized control over the affected system, presenting a significant risk to data integrity and security. It is essential for users to implement the latest updates and monitor for unauthorized changes to service configurations.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://asus.com

http://setupasusservices.com

https://irradiate.com.au/blog/CVE-2023-26911

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jul 26, 2023
Vulnerability Reserved
Feb 27, 2023

JSON

Asus

What is CVE-2023-26911?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.