Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2022-21933
PUBLISHED
More InfoOfficial Page
Assigner-twcert
Assigner Org ID-cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e
View Known Exploited Vulnerability (KEV) details
Published At-21 Jan, 2022 | 09:05
Updated At-16 Sep, 2024 | 20:06
Rejected At-
▼CVE Numbering Authority (CNA)
ASUS VivoMini/Mini PC - improper input validation

ASUS VivoMini/Mini PC device has an improper input validation vulnerability. A local attacker with system privilege can use system management interrupt (SMI) to modify memory, resulting in arbitrary code execution for controlling the system or disrupting service.

Affected Products
Vendor
ASUS (ASUSTeK Computer Inc.)ASUS
Product
VC65-C1
Versions
Affected
  • From unspecified before 1302 (custom)
Vendor
ASUS (ASUSTeK Computer Inc.)ASUS
Product
PB60V
Versions
Affected
  • From unspecified before 1302 (custom)
Vendor
ASUS (ASUSTeK Computer Inc.)ASUS
Product
PB60G
Versions
Affected
  • From unspecified before 1302 (custom)
Vendor
ASUS (ASUSTeK Computer Inc.)ASUS
Product
PB60S
Versions
Affected
  • From unspecified before 1302 (custom)
Vendor
ASUS (ASUSTeK Computer Inc.)ASUS
Product
PA90
Versions
Affected
  • From unspecified before 1401 (custom)
Vendor
ASUS (ASUSTeK Computer Inc.)ASUS
Product
PB50
Versions
Affected
  • From unspecified before 902 (custom)
Vendor
ASUS (ASUSTeK Computer Inc.)ASUS
Product
PB60
Versions
Affected
  • From unspecified before 1502 (custom)
Vendor
ASUS (ASUSTeK Computer Inc.)ASUS
Product
PB61V
Versions
Affected
  • From unspecified before 601 (custom)
Vendor
ASUS (ASUSTeK Computer Inc.)ASUS
Product
TS10
Versions
Affected
  • From unspecified before 609 (custom)
Vendor
ASUS (ASUSTeK Computer Inc.)ASUS
Product
PN40
Versions
Affected
  • From unspecified before 2201 (custom)
Vendor
ASUS (ASUSTeK Computer Inc.)ASUS
Product
PN60
Versions
Affected
  • From unspecified before 808 (custom)
Vendor
ASUS (ASUSTeK Computer Inc.)ASUS
Product
PN30
Versions
Affected
  • From unspecified before 320 (custom)
Vendor
ASUS (ASUSTeK Computer Inc.)ASUS
Product
UN65U
Versions
Affected
  • From unspecified before 618 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-20CWE-20 Improper Input Validation
Metrics
VersionBase scoreBase severityVector
3.16.7MEDIUM
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

BIOS Update(https://www.asus.com/content/ASUS-Product-Security-Advisory/)

Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.twcert.org.tw/tw/cp-132-5547-34bc4-1.html
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.twcert.org.tw/tw/cp-132-5547-34bc4-1.html
x_refsource_MISC
x_transferred
Details not found