CVE-2024-55408

MEDIUM 5.3

CVSS Score

5.3

EPSS Score

0.0%

EPSS Percentile

0th

An improper access control vulnerability in the AsusSAIO.sys driver may lead to the misuse of software functionality utilizing the driver when crafted IOCTL requests are supplied.

CWE	CWE-862
Vendor	asus
Product	asci
Published	Jan 6, 2025
Last Updated	Feb 11, 2025

Stay Ahead of the Next One

Get instant alerts for asus asci

Be the first to know when new medium vulnerabilities affecting asus asci are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

ASUS / ASCI

before 1.0.30.0 before 3.1.41.0

References

NVD ↗ CVE.org ↗ EPSS Data ↗

asus.com: https://www.asus.com/tw/support/myasus-deeplink/ github.com: https://github.com/heyheysky/vulnerable-driver/blob/master/CVE-2024-55408/CVE-2024-55408_AsusSAIO.sys_README.md