7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.0004 Low
EPSS
Percentile
5.1%
ASUS VivoMini/Mini PC device has an improper input validation vulnerability. A local attacker with system privilege can use system management interrupt (SMI) to modify memory, resulting in arbitrary code execution for controlling the system or disrupting service.
CPE | Name | Operator | Version |
---|---|---|---|
asus:vc65-c1_firmware | asus vc65-c1 firmware | lt | 1302 |
[
{
"product": "VC65-C1",
"vendor": "ASUS",
"versions": [
{
"lessThan": "1302",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "PB60V",
"vendor": "ASUS",
"versions": [
{
"lessThan": "1302",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "PB60G",
"vendor": "ASUS",
"versions": [
{
"lessThan": "1302",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "PB60S",
"vendor": "ASUS",
"versions": [
{
"lessThan": "1302",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "PA90",
"vendor": "ASUS",
"versions": [
{
"lessThan": "1401",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "PB50",
"vendor": "ASUS",
"versions": [
{
"lessThan": "902",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "PB60",
"vendor": "ASUS",
"versions": [
{
"lessThan": "1502",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "PB61V",
"vendor": "ASUS",
"versions": [
{
"lessThan": "601",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "TS10",
"vendor": "ASUS",
"versions": [
{
"lessThan": "609",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "PN40",
"vendor": "ASUS",
"versions": [
{
"lessThan": "2201",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "PN60",
"vendor": "ASUS",
"versions": [
{
"lessThan": "808",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "PN30",
"vendor": "ASUS",
"versions": [
{
"lessThan": "320",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "UN65U",
"vendor": "ASUS",
"versions": [
{
"lessThan": "618",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]
7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.0004 Low
EPSS
Percentile
5.1%