CVE-2022-21933
ASUS VivoMini/Mini PC - improper input validation
Severity Score
7.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
ASUS VivoMini/Mini PC device has an improper input validation vulnerability. A local attacker with system privilege can use system management interrupt (SMI) to modify memory, resulting in arbitrary code execution for controlling the system or disrupting service.
El dispositivo ASUS VivoMini/Mini PC presenta una vulnerabilidad de comprobación de entrada inapropiada. Un atacante local con privilegios de sistema puede usar la interrupción de administración del sistema (SMI) para modificar la memoria, resultando en una ejecución de código arbitrario para controlar el sistema o interrumpir el servicio
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2021-12-14 CVE Reserved
- 2022-01-21 CVE Published
- 2023-03-08 EPSS Updated
- 2024-09-16 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
- CWE-787: Out-of-bounds Write
CAPEC
References (1)
| URL | Tag | Source |
|---|---|---|
| https://www.twcert.org.tw/tw/cp-132-5547-34bc4-1.html | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Asus Search vendor "Asus" | Vc65-c1 Firmware Search vendor "Asus" for product "Vc65-c1 Firmware" | < 1302 Search vendor "Asus" for product "Vc65-c1 Firmware" and version " < 1302" | - |
Affected
| in | Asus Search vendor "Asus" | Vc65-c1 Search vendor "Asus" for product "Vc65-c1" | - | - |
Safe
|
| Asus Search vendor "Asus" | Pb60v Firmware Search vendor "Asus" for product "Pb60v Firmware" | < 1302 Search vendor "Asus" for product "Pb60v Firmware" and version " < 1302" | - |
Affected
| in | Asus Search vendor "Asus" | Pb60v Search vendor "Asus" for product "Pb60v" | - | - |
Safe
|
| Asus Search vendor "Asus" | Pb60g Firmware Search vendor "Asus" for product "Pb60g Firmware" | < 1302 Search vendor "Asus" for product "Pb60g Firmware" and version " < 1302" | - |
Affected
| in | Asus Search vendor "Asus" | Pb60g Search vendor "Asus" for product "Pb60g" | - | - |
Safe
|
| Asus Search vendor "Asus" | Pb60s Firmware Search vendor "Asus" for product "Pb60s Firmware" | < 1302 Search vendor "Asus" for product "Pb60s Firmware" and version " < 1302" | - |
Affected
| in | Asus Search vendor "Asus" | Pb60s Search vendor "Asus" for product "Pb60s" | - | - |
Safe
|
| Asus Search vendor "Asus" | Pa90 Firmware Search vendor "Asus" for product "Pa90 Firmware" | < 1401 Search vendor "Asus" for product "Pa90 Firmware" and version " < 1401" | - |
Affected
| in | Asus Search vendor "Asus" | Pa90 Search vendor "Asus" for product "Pa90" | - | - |
Safe
|
| Asus Search vendor "Asus" | Pb50 Firmware Search vendor "Asus" for product "Pb50 Firmware" | < 902 Search vendor "Asus" for product "Pb50 Firmware" and version " < 902" | - |
Affected
| in | Asus Search vendor "Asus" | Pb50 Search vendor "Asus" for product "Pb50" | - | - |
Safe
|
| Asus Search vendor "Asus" | Pb60 Firmware Search vendor "Asus" for product "Pb60 Firmware" | < 1502 Search vendor "Asus" for product "Pb60 Firmware" and version " < 1502" | - |
Affected
| in | Asus Search vendor "Asus" | Pb60 Search vendor "Asus" for product "Pb60" | - | - |
Safe
|
| Asus Search vendor "Asus" | Pb61v Firmware Search vendor "Asus" for product "Pb61v Firmware" | < 601 Search vendor "Asus" for product "Pb61v Firmware" and version " < 601" | - |
Affected
| in | Asus Search vendor "Asus" | Pb61v Search vendor "Asus" for product "Pb61v" | - | - |
Safe
|
| Asus Search vendor "Asus" | Ts10 Firmware Search vendor "Asus" for product "Ts10 Firmware" | < 609 Search vendor "Asus" for product "Ts10 Firmware" and version " < 609" | - |
Affected
| in | Asus Search vendor "Asus" | Ts10 Search vendor "Asus" for product "Ts10" | - | - |
Safe
|
| Asus Search vendor "Asus" | Pn40 Firmware Search vendor "Asus" for product "Pn40 Firmware" | < 2201 Search vendor "Asus" for product "Pn40 Firmware" and version " < 2201" | - |
Affected
| in | Asus Search vendor "Asus" | Pn40 Search vendor "Asus" for product "Pn40" | - | - |
Safe
|
| Asus Search vendor "Asus" | Pn60 Firmware Search vendor "Asus" for product "Pn60 Firmware" | < 808 Search vendor "Asus" for product "Pn60 Firmware" and version " < 808" | - |
Affected
| in | Asus Search vendor "Asus" | Pn60 Search vendor "Asus" for product "Pn60" | - | - |
Safe
|
| Asus Search vendor "Asus" | Pn30 Firmware Search vendor "Asus" for product "Pn30 Firmware" | < 320 Search vendor "Asus" for product "Pn30 Firmware" and version " < 320" | - |
Affected
| in | Asus Search vendor "Asus" | Pn30 Search vendor "Asus" for product "Pn30" | - | - |
Safe
|
| Asus Search vendor "Asus" | Un65u Firmware Search vendor "Asus" for product "Un65u Firmware" | < 618 Search vendor "Asus" for product "Un65u Firmware" and version " < 618" | - |
Affected
| in | Asus Search vendor "Asus" | Un65u Search vendor "Asus" for product "Un65u" | - | - |
Safe
|