CVE-2025-2027
CVE-2025-2027
Título es
CVE-2025-2027
Vie, 28/03/2025 – 06:15
Tipo
CWE-415
Gravedad 2.0 Txt
Pendiente de análisis
Título en
CVE-2025-2027
Descripción en
A double free vulnerability has been identified in the ASUS System Analysis service. This vulnerability can be triggered by sending specially crafted local RPC requests, leading to the service crash and potentially memory manipulation in some rare circumstances.
Refer to the 'Security Update for MyASUS' section on the ASUS Security Advisory for more information.
Refer to the 'Security Update for MyASUS' section on the ASUS Security Advisory for more information.
28/03/2025
28/03/2025
Vector CVSS:4.0
CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Gravedad 4.0
5.90
Gravedad 4.0 txt
MEDIUM
Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
Pendiente de análisis
Enviar en el boletín
Off
