An authorization bypass vulnerability exists in the AsIO3.sys functionality of Asus Armoury Crate. A specially crafted hard link can lead to an authorization bypass. An attacker can create a hard link to trigger this vulnerability. This module allows a local unprivileged user to execute arbitrary code with SYSTEM privileges. The steps performed by the exploit to elevate privileges are: Leak the address of the current thread Leak the address of the current process token Leak the address of the SYSTEM process token Trigger the vulnerability to bypass the authorization Abuse the driver to overwrite PreviousMode Replace the current process token with the SYSTEM token Restore original PreviousMode value
CVE Link
Exploit Platform
Exploit Type
Product Name