CVE-2018-18536
3 documents3 sources
Severity
7.8HIGH
EPSS
0.1%
top 72.50%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedDec 26
Latest updateMay 13
Description
The GLCKIo and Asusgio low-level drivers in ASUS Aura Sync v1.07.22 and earlier expose functionality to read/write data from/to IO ports. This could be leveraged in a number of ways to ultimately run code with elevated privileges.
CVSS vector
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9