216.73.216.86

CVE-2024-9157

· Published 11/03/2025 17:16 · Modified 11/03/2025 17:16

Labels: CVE-2024-9157 2025-03-11CVE-2024-9157CWE-284[email protected]

Essential information

Published
11/03/2025 17:16
Modified
11/03/2025 17:16
Author
Creator
CVSS
7.8 HIGH (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS metrics

Description

** UNSUPPORTED WHEN ASSIGNED **  A privilege escalation vulnerability in CxUIUSvc64.exe and CxUIUSvc32.exe of Synaptics audio drivers allows a local authorized attacker to load a DLL in a privileged process. Out of an abundance of caution, this CVE ID is being assigned to better serve our customers and ensure all who are still running this product understand that the product is End-of-Life and should be removed. For more information on this, refer to the CVE Record’s reference information.

NVD status

Status
Awaiting Analysis — CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
synaptics / audio drivers cpe:2.3:a:synaptics:audio_drivers:*:*:*:*:*:*:*:*

References