Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Asus Subscribe
Filtered by product Armoury Crate Service
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-38699 1 Asus 1 Armoury Crate Service 2022-09-30 N/A 5.9 MEDIUM
Armoury Crate Service’s logging function has insufficient validation to check if the log file is a symbolic link. A physical attacker with general user privilege can modify the log file property to a symbolic link that points to arbitrary system file, causing the logging function to overwrite the system file and disrupt the system.