One-Click RCE in ASUS's Preinstalled Driver Software
Submitted 1 day ago by CaptainBasculin@lemmy.bascul.in to technology@lemmy.world
https://mrbruh.com/asusdriverhub/
Submitted 1 day ago by CaptainBasculin@lemmy.bascul.in to technology@lemmy.world
https://mrbruh.com/asusdriverhub/
just_another_person@lemmy.world 1 day ago
This person is getting to be fucking annoying.
The title is definitely not as described, only applies to Windows (I think), and won’t work without a permissions escalation.
The only reason it’s classified as a CVE is because they requested it be such.
There are no payload attacks proven here, or PoC attack code. This person has been po tinng pretty basic “hacks” for a few years, and makes a mountain out of an anthill every damn time.
🙄 Ohn
ryannathans@aussie.zone 1 day ago
How could it apply to any other operating system than Windows? Pre installed drivers, in a pre installed OS? They probably don’t even write drivers for other OS
just_another_person@lemmy.world 1 day ago
Wine or compatibility layers.
priapus@piefed.social 1 day ago
Well yeah, its a vulnerability in the windows software. Nothing they said implied otherwise.
I dont think thats true, could you explain why that would be? This article mentioned no need for a permissions escalation. In fact it seems that the RCE is automatically run as administrator by the driver process.
Pirate@feddit.org 13 hours ago
I love how on Lemmy Windows is not immediately assumed to be the default OS, lol.
Are we all Linux users?
lupusblackfur@lemmy.world 1 day ago
🤷♂️ Sounds like a job for the “block user” feature… 🤔
JackbyDev@programming.dev 1 day ago
“This only applies to the most widely used OS and won’t work without someone clicking grant admin permissions which most people probably do blindly.”
🙄 Ugh