asus

Top products

The 15 most recently published vulnerabilities affecting asus.

• CVE-2026-1880An Incorrect Permission Assignment for Critical Resource vulnerability in the ASUS DriverHub update process allows privilege escalation due to improper protection of required execution resources du...6.7Apr 16, 2026
• CVE-2025-15101An OS command injection vulnerability in the web management interface of certain ASUS router models allows remote authenticated administrators to execute arbitrary system commands via a crafted par...8.8Mar 26, 2026
• CVE-2025-15038An Out-of-Bounds Read vulnerability exists in the ASUS Business System Control Interface driver. This vulnerability can be triggered by an unprivileged local user sending a specially crafted IOCTL...7.1Mar 12, 2026
• CVE-2026-1878An Insufficient Integrity Verification vulnerability in the ASUS ROG peripheral driver installation process allows privilege escalation to SYSTEM. The vulnerability is due to improper access contro...8.4Mar 12, 2026
• CVE-2025-15037An Incorrect Permission Assignment vulnerability exists in the ASUS Business System Control Interface driver. This vulnerability can be triggered by an unprivileged local user sending a specially c...5.5Mar 12, 2026
• CVE-2025-12793An uncontrolled DLL loading path vulnerability exists in AsusSoftwareManagerAgent. A local attacker may influence the application to load a DLL from an attacker-controlled location, potentially res...7.8Jan 6, 2026
• CVE-2025-59374"UNSUPPORTED WHEN ASSIGNED" Certain versions of the ASUS Live Update client were distributed with unauthorized modifications introduced through a supply chain compromise. The modified builds coul...KEV9.8Dec 17, 2025
• CVE-2025-11901An uncontrolled resource consumption vulnerability affects certain ASUS motherboards using Intel B460, B560, B660, B760, H410, H510, H610, H470, Z590, Z690, Z790, W480, W680 series chipsets. Expl...6.8Dec 17, 2025
• CVE-2025-59366An authentication-bypass vulnerability exists in AiCloud. This vulnerability can be triggered by an unintended side effect of the Samba functionality, potentially leading to allow execution of spec...9.8Nov 25, 2025
• CVE-2025-59373A local privilege escalation vulnerability exists in the restore mechanism of ASUS System Control Interface. It can be triggered when an unprivileged actor copies files without proper validati...7.8Nov 25, 2025
• CVE-2025-59367An authentication bypass vulnerability has been identified in certain DSL series routers, may allow remote attackers to gain unauthorized access into the affected system. Refer to the 'Security Upd...9.8Nov 13, 2025
• CVE-2025-3464A race condition vulnerability exists in Armoury Crate. This vulnerability arises from a Time-of-check Time-of-use issue, potentially leading to authentication bypass. Refer to the 'Security Update...8.7Jun 16, 2025
• CVE-2025-3463"This issue is limited to motherboards and does not affect laptops, desktop computers, or other endpoints." An insufficient validation vulnerability in ASUS DriverHub may allow untrusted sources t...9.8May 9, 2025
• CVE-2025-3462"This issue is limited to motherboards and does not affect laptops, desktop computers, or other endpoints." An insufficient validation in ASUS DriverHub may allow unauthorized sources to interact ...7.3May 9, 2025
• CVE-2025-2492An improper authentication control vulnerability exists in AiCloud. This vulnerability can be triggered by a crafted request, potentially leading to unauthorized execution of functions. Refer to ...9.4Apr 18, 2025