CVE-2021-28685

EPSS 0.04% · P14 Updated Feb 25, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2021-28685

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

AsIO2_64.sys and AsIO2_32.sys in ASUS GPUTweak II before 2.3.0.3 allow low-privileged users to interact directly with physical memory (by calling one of several driver routines that map physical memory into the virtual address space of the calling process) and to interact with MSR registers. This could enable low-privileged users to achieve NT AUTHORITY\SYSTEM privileges via a DeviceIoControl.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

ASUS GPUTweak II 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

ASUS GPUTweak II是中国华硕（ASUS）公司的一个驱动。用于驱动更多FPS。 ASUS GPUTweak II 2.3.0.3之前版本存在安全漏洞，该漏洞低特权用户能够通过DeviceIoControl获得NT AUTHORITYSYSTEM privileges。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2021-28685

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2021-28685

请登录查看更多情报信息。

Other References for CVE-2021-28685 (2)

https://gist.github.com/DStraghkov/fba4994ac4bb3a6e2940b21743563df0x_refsource_MISC
https://www.asus.com/Static_WebPage/ASUS-Product-Security-Advisory/x_refsource_MISC

https://nvd.nist.gov/vuln/detail/CVE-2021-28685

Same Patch Batch · n/a · 2021-04-08 · 33 CVEs total

CVE-2021-22115		Cloud Foundry Cloud Controller 安全漏洞
CVE-2021-3413		Red Hat Satellite 6 信息泄露漏洞
CVE-2021-3448		dnsmasq 安全漏洞
CVE-2021-3482		Exiv2 缓冲区错误漏洞
CVE-2020-6590		Forcepoint Web Security Content Gateway 代码问题漏洞
CVE-2021-22512		Jenkins 跨站请求伪造漏洞
CVE-2021-22511		Jenkins 信任管理问题漏洞
CVE-2021-22510		Jenkins Core 跨站脚本漏洞
CVE-2021-22513		Jenkins 安全漏洞
CVE-2020-14106		Xiaomi MIUI 安全漏洞
CVE-2020-14103		Xiaomi MIUI OS 安全漏洞
CVE-2021-3146		Dolby DAX2 API Service 代码问题漏洞
CVE-2021-22312		多款华为产品缓冲区错误漏洞
CVE-2020-14099		Xiaomi router AX1800 信任管理问题漏洞
CVE-2020-14104		Xiaomi Xiaomi router AX3600 竞争条件问题漏洞
CVE-2021-22507		Micro Focus Operations Bridge Manager 授权问题漏洞
CVE-2021-29154		Linux kernel 命令注入漏洞
CVE-2021-3328		Aprelium Abyss Web Server 缓冲区错误漏洞
CVE-2021-27945		Squirro Insights Engine 跨站脚本漏洞
CVE-2020-23539		Realtek rtl8723de 代码问题漏洞

Showing top 20 of 33 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2021-28685

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2021-28685

I. Basic Information for CVE-2021-28685

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2021-28685

III. Intelligence Information for CVE-2021-28685

Other References for CVE-2021-28685 (2)

Same Patch Batch · n/a · 2021-04-08 · 33 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2021-28685

Leave a comment