🛡️ CVE-2022-21933
🟡 CVSS 6.7 — Medium ✅ No Known Exploit CWE-20 NVD
6.7
CVSS Score
0 Low4 Medium7 High9 Critical10

Description

ASUS VivoMini/Mini PC device has an improper input validation vulnerability. A local attacker with system privilege can use system management interrupt (SMI) to modify memory, resulting in arbitrary code execution for controlling the system or disrupting service.

Details

Severity MEDIUM
CVSS Score 6.7
CVSS Vector CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CWE CWE-20
Public Exploit ✅ No
Source NVD
Published 2022-01-21
Updated 2026-06-08
Modified 2024-11-21
Fix URL N/A

Affected Packages

Software From version Fixed in
pa90-firmware 1401
pb50-firmware 902
pb60-firmware 1502
pb60g-firmware 1302
pb60s-firmware 1302
pb60v-firmware 1302
pb61v-firmware 601
pn30-firmware 320
pn40-firmware 2201
pn60-firmware 808
ts10-firmware 609
un65u-firmware 618
vc65-c1-firmware 1302

Vulnerability Monitoring

Stay informed about vulnerabilities in your stack

BotEraser monitors your WordPress installation and notifies you when software you use appears in our vulnerability database.

Set Up Free Alerts →

No credit card required  ·  Results in minutes

ⓘ Data Notice: The information presented above has been compiled from publicly available internet sources. Boteraser aggregates this data solely for informational purposes and does not independently classify, evaluate, or endorse any findings about the vulnerabilities listed. The accuracy and completeness of this information is the sole responsibility of the original publishers. Boteraser and its operators accept no liability for any decisions made based on this data.