PT-2019-12001 · Asus · Asus Precision Touchpad

Athanasios Tserpelis

Publicado

2019-09-04

Atualizado

2019-09-05

CVE-2019-10709

CVSS v3.1

9.8

Crítica

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Asus Precision TouchPad version 11.0.0.25

Description The issue is related to a Pool Overflow in the AsusPTPFilter.sys driver, which can be triggered by a crafted DeviceIoControl call to the .AsusTP device. This could lead to a Denial of Service (DoS) or potentially allow for privilege escalation.

Recommendations For version 11.0.0.25, consider disabling the AsusPTPFilter.sys driver or restricting access to the .AsusTP device to minimize the risk of exploitation until a patch is available.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-264

Identificadores relacionados

CVE-2019-10709

Produtos afetados

Asus Precision Touchpad

PT-2019-12001 · Asus · Asus Precision Touchpad

CVE-2019-10709

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5