CVSS: 6.2EPSS: 0%CPEs: 3EXPL: 0CVE-2025-2027
https://notcve.org/view.php?id=CVE-2025-2027
28 Mar 2025 — A double free vulnerability has been identified in the ASUS System Analysis service. This vulnerability can be triggered by sending specially crafted local RPC requests, leading to the service crash and potentially memory manipulation in some rare circumstances. Refer to the 'Security Update for MyASUS' section on the ASUS Security Advisory for more information. A double free vulnerability has been identified in the ASUS System Analysis service. This vulnerability can be triggered by sending specially craft... • https://www.asus.com/content/asus-product-security-advisory • CWE-415: Double Free •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-55408
https://notcve.org/view.php?id=CVE-2024-55408
06 Jan 2025 — An issue in the AsusSAIO.sys component of ASUS System Analysis IO v1.0.0 allows attackers to perform arbitrary read and write actions via supplying crafted IOCTL requests. Un problema en el componente AsusSAIO.sys de ASUS System Analysis IO v1.0.0 permite a los atacantes realizar acciones de lectura y escritura arbitrarias mediante el suministro de solicitudes IOCTL manipuladas. An improper access control vulnerability in the AsusSAIO.sys driver may lead to the misuse of software functionality utilizing the... • http://asus.com • CWE-862: Missing Authorization •