Instituto Nacional de ciberseguridad. Sección Incibe
Instituto Nacional de Ciberseguridad. Sección INCIBE-CERT

CVE-2026-8920

Gravedad CVSS v4.0:
ALTA
Tipo:
No Disponible / Otro tipo
Fecha de publicación:
15/07/2026
Última modificación:
15/07/2026

Descripción

*** Pendiente de traducción *** Improper Restriction of Communication Channel to Intended Endpoints and External Control of File Name or Path in Aura Wallpaper Service allow a local user to perform file operations by sending crafted commands containing an arbitrary file path and bypassing the service’s path restrictions . On specific models , this can also cause a single feature to become unavailable .<br /> Refer to the &amp;#39; Security Update for Aura Wallpaper Service &amp;#39; section on the ASUS Security Advisory for more information.

Referencias a soluciones, herramientas e información