QSearchQSearch

CVE-2021-40981

7.3 HIGH

ASUS ROG Armoury Crate Lite before 4.2.10 allows local users to gain privileges by placing a Trojan horse file in the publicly writable %...

Published: 2021-09-27 · Last updated: 2026-06-17

Severity and scoring

CVSS
7.3 HIGH
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
CWE
CWE-427

Affected products

VendorProduct
asusarmoury_crate_lite_service

Description

ASUS ROG Armoury Crate Lite before 4.2.10 allows local users to gain privileges by placing a Trojan horse file in the publicly writable %PROGRAMDATA%\ASUS\GamingCenterLib directory.

Source: NVD

References

Related CVEs

Same vendor

  • CVE-2021-42055 ASUSTek ZenBook Pro Due 15 UX582 laptop firmware through 203 has Insecure Permissions that allow attacks by a physically proximate attacker (6.8 MEDIUM)
  • CVE-2021-3128 In ASUS RT-AX3000, ZenWiFi AX (XT8), RT-AX88U, and other ASUS routers with firmware < 3.0.0.4.386.42095 or < 9.0.0.4.386.41994, when IPv6... (7.5 HIGH)
  • CVE-2021-3229 Denial of service in ASUSWRT ASUS RT-AX3000 firmware versions 3.0.0.4.384_10177 and earlier versions allows an attacker to disrupt the us... (7.5 HIGH)
  • CVE-2021-3166 An issue was discovered on ASUS DSL-N14U-B1 1.1.2.3_805 devices (7.5 HIGH)

Same CWE

  • CVE-2026-12003 To allow builds of Python to be run from an in-tree layout (rather than an installed file layout), the VPATH variable is defined at build...
  • CVE-2024-22451 Dell Peripheral Manager, versions from 1.5.1 to 1.7.2, contain an uncontrolled search path element vulnerability (6.7 MEDIUM)
  • CVE-2024-22447 Dell Peripheral Manager, versions prior to 1.7.3, contain an uncontrolled search path element vulnerability (6.7 MEDIUM)
  • CVE-2026-5064 Potential security vulnerabilities have been identified in the HP One Agent for certain HP PC products, which might allow ...
  • CVE-2026-50100 Multiple printer drivers provided by Ricoh Company, Ltd (7.8 HIGH)