|Number of vulnerabilities||1|
|Public exploit||This vulnerability is being exploited in the wild.|
ASUS Live Update
|Vulnerable software versions||
ASUS Live Update -
The vulnerability allows a remote attacker to compromise vulnerable system
The vulnerability exists due to hidden functionality (backdoor) is present in software. A remote attacker can use this functionality to gain full access to the application and compromise the affected system.
Note: this backdoor was implented as a result of ASUS servers compromise within the APT attack dubbed “Operation ShadowHammer”. The campaign ran from June to at least November 2018.Remediation
Install a new version of Asus Live Update from vendor's website and use antivirus software to detect and remove potential malware from your computers.