Skip to content

Instantly share code, notes, and snippets.

@DStraghkov

DStraghkov/Description.md

Created April 8, 2021 10:02
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save DStraghkov/fba4994ac4bb3a6e2940b21743563df0 to your computer and use it in GitHub Desktop.
Save DStraghkov/fba4994ac4bb3a6e2940b21743563df0 to your computer and use it in GitHub Desktop.
Download ZIP
Short description of vulnerabilities that was found in ASUS GPUTweak II utility
Raw
Description.md

Short description of find vulnerabilities in AsIO2_64.sys and AsIO2_32.sys

Incorrect Access Control in AsIO2_64.sys and AsIO2_32.sys

Description

AsIO2_64.sys and AsIO2_32.sys in ASUS GPUTweak II before 2.3.0.3 allow low-privileged users to interact directly with physical memory (by calling one of several driver routines that map physical memory into the virtual address space of the calling process) and to interact with MSR registers. This could enable low-privileged users to achieve NT AUTHORITY\SYSTEM privileges via a DeviceIoControl.

Vulnerability Type

Incorrect Access Control

Vendor of Product

ASUS

Affected Product Code Base

ASUS GPUTweak II - Affected before version - 2.3.0.3. Fixed from version - 2.3.0.3

Affected Component

Driver AsIO2_64.sys, AsIO2_32.sys

Attack Type

Local

Impact Escalation of Privileges

True

Attack Vectors

Run specially compiled PE format file.

Discoverer

Ivannikov Institute for System Programming of the RAS

Stack buffer overflow in AsIO2_64.sys and AsIO2_32.sys

Description

AsIO2_64.sys and AsIO2_32.sys in ASUS GPUTweak II before 2.3.0.3 allow low-privileged users to trigger a stack-based buffer overflow. This could enable low-privileged users to achieve Denial of Service via a DeviceIoControl.

Vulnerability Type

Buffer Overflow

Vendor of Product

ASUS

Affected Product Code Base

ASUS GPUTweak II - Affected before version - 2.3.0.3. Fixed from version - 2.3.0.3

Affected Component

Driver AsIO2_64.sys, AsIO2_32.sys

Attack Type

Local

Impact Denial of Service

True

Attack Vectors

Run specially compiled PE format file.

Discoverer

Ivannikov Institute for System Programming of the RAS

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment