AlphaAtlas
[H]ard|Gawd
- Joined
- Mar 3, 2018
- Messages
- 1,713
BleepingComputer reports that SecureAuth published "driver elevation of privilege" vulnerabilities for desktop Gigabyte and Asus motherboards. According to the Asus report, multiple vulnerabilities were found in the GLCKIo and Asusgio drivers that the company's Aura Sync RGB control software installs. SecureAuth notified Asus over a year ago, but didn't immediately receive a response. 2 months and 3 emails later, Asus asked for technical details, reportedly released an update in April that only fixed one of the two major vulnerabilities, and didn't respond to any more emails. Meanwhile, after sending multiple emails, SecureAuth received a response from Gigabyte asking SecureAuth to open a support ticket. SecureAuth said they wished to keep correspondence private, and then Gigabyte claimed "that Gigabyte is a hardware company and they are not specialized in software." The security company sent over a draft of the vulnerability anyway, Gigabyte responded by saying the draft was too vague and asked for a phone contact, and 2 months later, Gigabyte claimed that "its products are not affected by the reported vulnerabilities."
SecureAuth published proof of concept code for both the Asus and Gigabyte vulnerabilities, and according the report, the affected Asus and Gigabyte drivers are still vulnerable. Non privileged users that are "even running at LOW INTEGRITY" can allegedly abuse the exploits and "take complete control of the affected system."
Thanks to Schtask for the tip.
SecureAuth published proof of concept code for both the Asus and Gigabyte vulnerabilities, and according the report, the affected Asus and Gigabyte drivers are still vulnerable. Non privileged users that are "even running at LOW INTEGRITY" can allegedly abuse the exploits and "take complete control of the affected system."
Thanks to Schtask for the tip.
Last edited: