Asus Aura Sync Firmware vulnerabilities

CVE-2018-18536 [HIGH] CVE-2018-18536: The GLCKIo and Asusgio low-level drivers in ASUS Aura Sync v1.07.22 and earlier expose functionality The GLCKIo and Asusgio low-level drivers in ASUS Aura Sync v1.07.22 and earlier expose functionality to read/write data from/to IO ports. This could be leveraged in a number of ways to ultimately run code with elevated privileges.

CVE-2018-18535 [HIGH] CVE-2018-18535: The Asusgio low-level driver in ASUS Aura Sync v1.07.22 and earlier exposes functionality to read an The Asusgio low-level driver in ASUS Aura Sync v1.07.22 and earlier exposes functionality to read and write Machine Specific Registers (MSRs). This could be leveraged to execute arbitrary ring-0 code.

CVE-2018-18537 [MEDIUM] CVE-2018-18537: The GLCKIo low-level driver in ASUS Aura Sync v1.07.22 and earlier exposes a path to write an arbitr The GLCKIo low-level driver in ASUS Aura Sync v1.07.22 and earlier exposes a path to write an arbitrary DWORD to an arbitrary address.