Allele Security Alert
ASA-2018-00096
Identifier(s)
ASA-2018-00096, CORE-2017-0012, CVE-2018-18536
Title
Drivers allow non-privileged user access to port mapped I/O
Vendor(s)
ASUS
Product(s)
ASUS Aura Sync
Affected version(s)
ASUS Aura Sync v1.07.22 and previous versions
Fixed version(s)
Unknown
Proof of concept
Yes
Description
Multiple vulnerabilities were found in the GLCKIo and Asusgio drivers installed by ASUS Aura Sync, which could allow a local attacker to elevate privileges.
Technical details
Both GLCKIo and Asusgio expose a functionality to read/write data from/to IO ports. This could be leveraged in a number of ways to ultimately run code with elevated privileges.
Credits
Diego Juarez (SecureAuth) and Leandro Cuozzo (SecureAuth)
Reference(s)
ASUS Drivers Elevation of Privilege Vulnerabilities
https://www.secureauth.com/labs/advisories/asus-drivers-elevation-privilege-vulnerabilities
[CORE-2017-0012] – ASUS Drivers Elevation of Privilege Vulnerabilities
https://seclists.org/fulldisclosure/2018/Dec/34
CVE-2018-18536
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18536
CVE-2018-18536
https://nvd.nist.gov/vuln/detail/CVE-2018-18536
If there is any error in this alert or you wish a comprehensive analysis, let us know.
Last modified: February 3, 2019