CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
2DescriptionNVD
UNSUPPORTED WHEN ASSIGNED
A privilege escalation vulnerability in CxUIUSvc64.exe and CxUIUSvc32.exe of Synaptics audio drivers allows a local authorized attacker to load a DLL in a privileged process.
Out of an abundance of caution, this CVE ID is being assigned to better serve our customers and ensure all who are still running this product understand that the product is End-of-Life and should be removed. For more information on this, refer to the CVE Record’s reference information.
AnalysisAI
CxUIUSvc64.exe and CxUIUSvc32.exe of Synaptics audio drivers is affected by improper access control (CVSS 7.8).
Technical ContextAI
This vulnerability (CWE-284: Improper Access Control) affects CxUIUSvc64.exe and CxUIUSvc32.exe of Synaptics audio drivers. UNSUPPORTED WHEN ASSIGNED
A privilege escalation vulnerability in CxUIUSvc64.exe and CxUIUSvc32.exe of Synaptics audio drivers allows a local authorized attacker to load a DLL in a privileged process.
Out of an abundance of caution, this CVE ID is being assigned to better serve our customers and ensure all who are still running this product understand that the product is End-of-Life and should be removed. For more information on this, refer to the CVE Record’s reference information.
Affected ProductsAI
Product: CxUIUSvc64.exe and CxUIUSvc32.exe of Synaptics audio drivers.
RemediationAI
Monitor vendor advisories for a patch.
Share
External POC / Exploit Code
Leaving vuln.today