Vulnerability Description
An improper access control vulnerability in the AsusSAIO.sys driver may lead to the misuse of software functionality utilizing the driver when crafted IOCTL requests are supplied.
CVSS Score
5.3
MEDIUM
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Related Weaknesses (CWE)
References
- https://github.com/heyheysky/vulnerable-driver/blob/master/CVE-2024-55408/CVE-20
- https://www.asus.com/tw/support/myasus-deeplink/
FAQ
What is CVE-2024-55408?
CVE-2024-55408 is a vulnerability with a CVSS score of 5.3 (MEDIUM). An improper access control vulnerability in the AsusSAIO.sys driver may lead to the misuse of software functionality utilizing the driver when crafted IOCTL requests are supplied.
How severe is CVE-2024-55408?
CVE-2024-55408 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-55408?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.