Improper Communication Channel Restriction in ASUS Aura Wallpaper Service
CVE-2026-8920
8.5HIGH
What is CVE-2026-8920?
The Aura Wallpaper Service by ASUS is vulnerable due to improper restrictions that permit local users to send crafted commands. This allows the execution of file operations by manipulating an arbitrary file path, thereby bypassing the service's intended path restrictions. Additionally, in certain models, this vulnerability might cause certain features to become unavailable. For more detailed information and security updates regarding this vulnerability, please visit ASUS's official security advisory.
Affected Version(s)
Aura Wallpaper Service v2.1.8.0