Posted by Pelican Press, May 13, 2025

Flaw in Asus DriverHub makes utility vulnerable to remote code execution

A major security flaw has been discovered in Asus’ DriverHub management utility that allows anyone to easily run malicious code on a system with the utility installed. The programmer who initially discovered the exploit revealed that DriverHub can be spoofed to run any sort of malicious content without user notice.

The flaw surrounds poorly executed security measures by the developers; the app connects to an API request on a predefined port, and will accept any URL that merely includes the handle “driverhub.asus.com”. (A URL such as driverhub.asus.com.mrbruh.com will work.) Worse, any files that get downloaded through the spoofed URL won’t be deleted, even if they fail the app’s signing check. This is where the attack gets deadly, as files that are downloaded from an attacker remain and can be activated on the system.

To demonstrate, “MrBruh” presented a simulated attack where the “AsusSetup” executable in an Asus driver package is run silently using the “-s” flag. The silent install behavior of the executable takes advantage of an “.ini” file in the driver package to perform the silent install. The “.ini” file, in turn, is capable of being rewritten to perform any command, such as activating malicious content downloaded from a spoofed URL.

The good news is that Asus has already fixed the security vulnerability with an update to the DriverHub utility. Asus implemented the update on April 18th, so any system with DriverHub installed is secure starting with the April 18th update.

DriverHub is an Asus driver management tool that is completely autonomous and runs in the background, automatically installing critical drivers for Asus-branded or Asus-equipped systems when needed. The tool automatically installs itself when Windows is first installed and can be manually enabled or disabled within the UEFI/BIOS of a supported Asus motherboard. DriverHub is a mainstream utility for Asus, and is available on a wide range of Asus hardware, from standalone motherboards to laptops and desktop PCs.

Source: https://hopzone.eu/forums/topic/248134-flaw-in-asus-driverhub-makes-utility-vulnerable-to-remote-code-execution/
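The two weaknesses described above, a URL check that only looks for “driverhub.asus.com” anywhere in the string and downloads that stay on disk after failing the signing check, are shown here beside hardened forms. This is an added example, not Asus’ code: the function names, the https and default-port requirements, and the `verify` callable standing in for the signing check are assumptions.

```python
import os
import tempfile
from urllib.parse import urlsplit

TRUSTED_HOST = "driverhub.asus.com"  # host named in the article

def substring_check(url):
    """Weak check as the article describes it: the name appears anywhere."""
    return TRUSTED_HOST in url

def strict_check(url):
    """Parse the URL, then require https, no userinfo, default port, exact host."""
    try:
        parts = urlsplit(url)
        port = parts.port  # raises ValueError on a malformed port
    except ValueError:
        return False
    if parts.scheme != "https" or port not in (None, 443):
        return False
    if parts.username is not None or parts.password is not None:
        return False
    return parts.hostname == TRUSTED_HOST

def save_if_verified(data, verify, dest_dir):
    """Write data to a temp file and keep it only if verify(path) is True.
    verify is a hypothetical callable standing in for the signing check."""
    fd, path = tempfile.mkstemp(dir=dest_dir, suffix=".part")
    try:
        with os.fdopen(fd, "wb") as fh:
            fh.write(data)
        if verify(path):
            return path
    except Exception:
        os.unlink(path)
        raise
    os.unlink(path)  # failed the check: do not leave the file behind
    return None

# Constructed sample URLs; the second is the one quoted in the article.
SAMPLES = [
    "https://driverhub.asus.com/",
    "https://driverhub.asus.com.mrbruh.com/",
    "https://example.test/?ref=driverhub.asus.com",
    "https://driverhub.asus.com@example.test/",
    "http://driverhub.asus.com/",
]

def compare(urls):
    # (weak result, strict result) for each URL
    return [(substring_check(u), strict_check(u)) for u in urls]
```

The substring check accepts all five samples, while the parsed comparison accepts only the first.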