Driverhub
Monthly
Privilege escalation in ASUS DriverHub through version 1.0.6.11 allows local authenticated users to modify update validation resources, bypassing security checks to execute arbitrary code with elevated privileges during driver updates. The vulnerability exploits improper file permission assignment in the update process, requiring user interaction to trigger the elevated execution. CVSS 5.4 indicates moderate severity; exploitation requires local access and authenticated user status with specific file system conditions.
Privilege escalation in ASUS DriverHub through version 1.0.6.11 allows local authenticated users to modify update validation resources, bypassing security checks to execute arbitrary code with elevated privileges during driver updates. The vulnerability exploits improper file permission assignment in the update process, requiring user interaction to trigger the elevated execution. CVSS 5.4 indicates moderate severity; exploitation requires local access and authenticated user status with specific file system conditions.