AsusSwitch.exe on ASUS personal computers (running...
High severity
Unreviewed
Published
Oct 18, 2022
to the GitHub Advisory Database
•
Updated Feb 1, 2023
Description
Published by the National Vulnerability Database
Oct 18, 2022
Published to the GitHub Advisory Database
Oct 18, 2022
Last updated
Feb 1, 2023
AsusSwitch.exe on ASUS personal computers (running Windows) sets weak file permissions, leading to local privilege escalation (this also can be used to delete files within the system arbitrarily). This affects ASUS System Control Interface 3 before 3.1.5.0, and AsusSwitch.exe before 1.0.10.0.
References