CVE-2024-33220

HIGH Year: 2024
CVSS v3 Score
8.8
High
Weakness Type
CWE-782
View all →

Vulnerability Description

An issue in the component AslO3_64.sys of ASUSTeK Computer Inc AISuite3 v3.03.36 3.03.36 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests.

Related Vulnerabilities

CVE-2021-21786

HIGH
CVSS:8.8(High)

A privilege escalation vulnerability exists in the IOCTL 0x9c406144 handling of IOBit Advanced SystemCare Ultimate 14.2.0.220. A specially crafted I/O request packet (IRP) can lead to increased privil...

CWE-7822021

CVE-2021-21787

HIGH
CVSS:8.8(High)

A privilege escalation vulnerability exists in the way IOBit Advanced SystemCare Ultimate 14.2.0.220 driver handles Privileged I/O write requests. During IOCTL 0x9c40a0d8, the first dword passed in th...

CWE-7822021

CVE-2021-21788

HIGH
CVSS:8.8(High)

A privilege escalation vulnerability exists in the way IOBit Advanced SystemCare Ultimate 14.2.0.220 driver handles Privileged I/O write requests. During IOCTL 0x9c40a0dc, the first dword passed in th...

CWE-7822021

CVE-2021-21789

HIGH
CVSS:8.8(High)

A privilege escalation vulnerability exists in the way IOBit Advanced SystemCare Ultimate 14.2.0.220 driver handles Privileged I/O write requests. During IOCTL 0x9c40a0e0, the first dword passed in th...

CWE-7822021

CVE-2024-33222

HIGH
CVSS:8.4(High)

An issue in the component ATSZIO64.sys of ASUSTeK Computer Inc ASUS ATSZIO Driver v0.2.1.7 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests.

CWE-7822024

CVE-2024-30804

CRITICAL
CVSS:9.8(Critical)

An issue discovered in the DeviceIoControl component in ASUS Fan_Xpert before v.10013 allows an attacker to execute arbitrary code via crafted IOCTL requests.

CWE-7822024