Main Vulnerability Database Exploits ID:6121 - Exploit for Permissions, Privileges, and Access Controls in Asus Precision TouchPad - CVE-2019-10709

ID:6121 - Exploit for Permissions, Privileges, and Access Controls in Asus Precision TouchPad - CVE-2019-10709

Published: June 17, 2021

Vulnerability identifier: #VU20910

Vulnerability risk: Critical

CVE-ID: CVE-2019-10709

CWE-ID: CWE-264

Exploitation vector: Remote access

Vulnerable software:
Asus Precision TouchPad

Link to public exploit:

https://www.exploit-db.com/exploits/47322/

Vulnerability description

The vulnerability allows a remote attacker to escalate privileges on the system.

The vulnerability exists due to the "AsusPTPFilter.sys" driver has a Pool Overflow associated with the \\.\AsusTP device. A remote attacker can cause a denial of service attack or potentially privilege escalation via a crafted "DeviceIoControl" call.

Remediation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

ID:6121 - Exploit for Permissions, Privileges, and Access Controls in Asus Precision TouchPad - CVE-2019-10709

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human