CVE-2023-26911Unquoted Search Path or Element in Armoury Crate

CWE-428Unquoted Search Path or Element3 documents3 sources
Severity
7.8HIGHNVD
EPSS
0.0%
top 93.70%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Asus Armoury CrateAsus Setupasusservices
Timeline
PublishedJul 26

Description

ASUS SetupAsusServices v1.0.5.1 in Asus Armoury Crate v5.3.4.0 contains an unquoted service path vulnerability which allows local users to launch processes with elevated privileges.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

NVDasus/armoury_crate5.3.4.0

🔴Vulnerability Details

2
GHSA
GHSA-6qmw-r6q3-3x3m: ASUS SetupAsusServices v12023-07-26
CVEList
CVE-2023-26911: ASUS SetupAsusServices v12023-07-26
CVE-2023-26911 — Unquoted Search Path or Element | cvebase