CVE-2024-55408

medium

Description

An improper access control vulnerability in the AsusSAIO.sys driver may lead to the misuse of software functionality utilizing the driver when crafted IOCTL requests are supplied.

References

https://www.asus.com/tw/support/myasus-deeplink/

https://github.com/heyheysky/vulnerable-driver/blob/master/CVE-2024-55408/CVE-2024-55408_AsusSAIO.sys_README.md

Details

Source: Mitre, NVD

Published: 2025-01-06

Updated: 2026-04-15

CVSS v4

Base Score: 5.1

Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

Severity: Medium

EPSS

EPSS: 0.00038

Detections

Analytics