CVE-2024-33223

HIGH

ASUS GPU TweakII <1.4.5.2 - Privilege Escalation

Title source: llm

Description

An issue in the component IOMap64.sys of ASUSTeK Computer Inc ASUS GPU TweakII v1.4.5.2 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests.

References (1)

Core 1

Core References

Various Sources

https://github.com/DriverHunter/Win-Driver-EXP/tree/main/CVE-2024-33223

View Writeup ZIP pw:eip

Scores

CVSS v3 8.8

EPSS 0.0047

EPSS Percentile 36.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-269

Status published

Published May 22, 2024

Tracked Since Feb 18, 2026