CVE-2022-44898
CVSS V2 None
CVSS V3 None
Description
The MsIo64.sys component in Asus Aura Sync through v1.07.79 does not properly validate input to IOCTL 0x80102040, 0x80102044, 0x80102050, and 0x80102054, allowing attackers to trigger a memory corruption and cause a Denial of Service (DoS) or escalate privileges via crafted IOCTL requests.
Overview
- CVE ID
- CVE-2022-44898
- Assigner
- cve@mitre.org
- Vulnerability Status
- Analyzed
- Published Version
- 2022-12-14T15:15:10
- Last Modified Date
- 2022-12-16T20:37:37
Weakness Enumerations
CPE Configuration (Product)
CPE | Vulnerable | Operator | Version Start | Version End |
---|---|---|---|---|
cpe:2.3:a:asus:aura_sync:*:*:*:*:*:*:*:* | 1 | OR | 1.07.79 |
Sources
Source Name | Source URL |
---|---|
NIST | https://nvd.nist.gov/vuln/detail/CVE-2022-44898 |
MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44898 |
History
Created | Old Value | New Value | Data Type | Notes |
---|---|---|---|---|
2022-12-14 16:16:07 | Added to TrackCVE | |||
2022-12-18 04:35:31 | 2022-12-14T15:15:10.657 | 2022-12-14T15:15:10 | CVE Published Date | updated |
2022-12-18 04:35:31 | 2022-12-16T20:37:37 | CVE Modified Date | updated | |
2022-12-18 04:35:31 | Awaiting Analysis | Analyzed | Vulnerability Status | updated |
2022-12-18 04:35:34 | CWE-787 | Weakness Enumeration | new | |
2022-12-18 04:35:39 | CPE Information | updated |