CVE-2022-4990
HighCVSS 7.3Summary
The ASUS AI Suite 3 driver contains a vulnerability due to improper validation of specified quantity in input, allowing a local user to bypass security and access restricted memory blocks via crafted IOCTL requests, leading to privilege escalation.
Risk Assessment
A local attacker can gain elevated privileges, potentially leading to full system compromise, data theft, or malware installation.
Recommendation
Immediately discontinue use of ASUS AI Suite 3 as it is an unsupported product, and consider migrating to an alternative, supported system management software.
Original NVD description (English source)
** UNSUPPORTED WHEN ASSIGNED ** Improper Validation of Specified Quantity in Input in the ASUS AI Suite 3 driver allows a local user to bypass security validation and access restricted memory blocks via crafted IOCTL requests, leading to privilege escalation.

