cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-38699,https://securityvulnerability.io/vulnerability/CVE-2022-38699,ASUS Armoury Crate Service - Arbitrary File Creation via Elevation of Privilege Flaw,"Armoury Crate Service’s logging function has insufficient validation to check if the log file is a symbolic link. A physical attacker with general user privilege can modify the log file property to a symbolic link that points to arbitrary system file, causing the logging function to overwrite the system file and disrupt the system.",Asus,Armoury Crate Service,5.9,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2022-09-28T04:15:00.000Z,0
CVE-2022-22262,https://securityvulnerability.io/vulnerability/CVE-2022-22262,ASUS Armoury Crate & Aura Creator Installer之ROG Live Service - Improper Link Resolution Before File Access,"ROG Live Service’s function for deleting temp files created by installation has an improper link resolution before file access vulnerability. Since this function does not validate the path before deletion, an unauthenticated local attacker can create an unexpected symbolic link to system file path, to delete arbitrary system files and disrupt system service.",Asus,Armoury Crate & Aura Creator Installer (rog Live Service),7.7,HIGH,0.0006000000284984708,false,,false,false,false,,,false,false,,2022-01-31T00:00:00.000Z,0
CVE-2021-40981,https://securityvulnerability.io/vulnerability/CVE-2021-40981,Privilege Escalation in ASUS ROG Armoury Crate Lite Software,"The ASUS ROG Armoury Crate Lite software prior to version 4.2.10 is vulnerable to a privilege escalation flaw. Local users can exploit this vulnerability by placing a malicious file in the publicly writable %PROGRAMDATA%\ASUS\GamingCenterLib directory. This could allow malicious actors to gain elevated privileges, potentially compromising system integrity. Users are advised to update the software to safeguard against such attacks.",Asus,Armoury Crate Lite Service,7.3,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2021-09-27T05:43:59.000Z,0