![]() ![]() To be specific, in the case of Asus, the security errors found correspond to CVE-2018-18537, CVE-2018-18536, CVE-2018-18535, through the GLCKIo and Asusgio drivers. To put this in perspective, SecureAuth reported that Asus Aura Sync software 1.07.22 and earlier installs two vulnerable drivers, while in GIGABYTE’s case this extends to their App Center software 1.05.21 and later at the same time as AORUS Graphics Engine (1.33 and later), XTREME Engine utility (v1.25 and earlier), and OC Guru II (v2. Shortly thereafter, their response stumped the SecureAuth engineers, as GIGABYTE replied that according to their PM and engineers their products are not affected by the described vulnerabilities. Even so, they requested technical details to verify the vulnerabilities. ![]() The case of GIGABYTE is more flagrant, since when informed, the company’s technical support team responded to SecureAuth that GIGABYTE is a hardware company, not being specialized in software. Thus, on March 26 of this year the company released a new revision of Aura Sync reporting that the problems were corrected, but it was not until May when SecureAuth verified the improvements, where only one of the three problems was corrected. ![]() In the case of Asus, the communication between the two companies occurred in November 2017, where Asus later recognized the problem. It has been the SecureAuth company that has made both discoveries and made them known to both companies with enough time for these vulnerabilities to be patched and corrected. Six vulnerabilities and five affected products Aura Sync and AORUS Graphics Engine must be patched up to 4 versions to prevent any attacker from escalating privileges through such control software. The vulnerabilities extend this time to Asus and GIGABYTE, where both companies have already been informed of vulnerabilities in their lighting control software of both brands respectively. Asus, software ASUS and Gigabyte motherboards are vulnerable due to lighting software ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |