Description
The UX360CA BIOS through 303 on ASUS laptops allow an attacker (with the ring 0 privilege) to overwrite nearly arbitrary physical memory locations, including SMRAM, and execute arbitrary code in the SMM (issue 3 of 3).
Exploits (1)
References (2)
Core 2
Core References
Exploit, Vendor Advisory x_refsource_confirm
https://www.asus.com/support/FAQ/1045541/
Exploit, Third Party Advisory x_refsource_misc
https://www.youtube.com/watch?v=1H3AfaVyeuk
Scores
CVSS v3
8.2
EPSS
0.0469
EPSS Percentile
89.4%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Details
Status
published
Products (1)
asus/ux360ca_bios
< 304
Published
Mar 31, 2021
Tracked Since
Feb 18, 2026