Vulnerability Description
AsLdrSrv.exe in ASUS ATK Package before V1.0.0061 (for Windows 10 notebook PCs) could lead to unsigned code execution with no additional execution. The user must put an application at a particular path, with a particular file name.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Asus | Atk Package | < 1.0.0061 |
| Microsoft | Windows 10 | - |
Related Weaknesses (CWE)
References
- https://safebreach.com/blogThird Party Advisory
- https://www.asus.com/Static_WebPage/ASUS-Product-Security-Advisory/Vendor Advisory
- https://www.asus.com/support/faq/1041545Vendor Advisory
- https://safebreach.com/blogThird Party Advisory
- https://www.asus.com/Static_WebPage/ASUS-Product-Security-Advisory/Vendor Advisory
- https://www.asus.com/support/faq/1041545Vendor Advisory
FAQ
What is CVE-2019-19235?
CVE-2019-19235 is a vulnerability with a CVSS score of 7.0 (HIGH). AsLdrSrv.exe in ASUS ATK Package before V1.0.0061 (for Windows 10 notebook PCs) could lead to unsigned code execution with no additional execution. The user must put an application at a particular pat...
How severe is CVE-2019-19235?
CVE-2019-19235 has been rated HIGH with a CVSS base score of 7.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-19235?
Check the references section above for vendor advisories and patch information. Affected products include: Asus Atk Package, Microsoft Windows 10.