Lucene search
K

56 matches found

NVD
NVD
added 14 hours ago7 views

CVE-2026-15030

Out-of-bounds Read in ASUS System Control Interface v3, ASUS System Control Interface, and ASUS Business Manager allows a local administrator to read memory regions beyond the intended firmware boundary by supplying a crafted IOCTL request that bypasses the validation. Refer to the ' Security...

5.6CVSS
Exploits0References1
EUVD
EUVD
added 14 hours ago10 views

EUVD-2026-44589

Untrusted Pointer Dereference in ASUS System Control Interface v3, ASUS System Control Interface, and ASUS Business Manager allows a local administrator to perform arbitrary physical memory read and write operations via crafted IOCTL requests to the driver, bypassing OS-enforced memory protection...

8.4CVSS6.2AI score
Exploits0References1
CVE
CVE
added 14 hours ago11 views

CVE-2026-15029

The CVE-2026-15029 entry covers an Untrusted Pointer Dereference in ASUS System Control Interface v3, ASUS System Control Interface, and ASUS Business Manager. The vulnerability permits a local administrator to perform arbitrary physical memory read and write operations via crafted IOCTL requests...

8.4CVSS6.2AI score
Exploits0References1
EUVD
EUVD
added 14 hours ago7 views

EUVD-2026-44588

Out-of-bounds Read in ASUS System Control Interface v3, ASUS System Control Interface, and ASUS Business Manager allows a local administrator to read memory regions beyond the intended firmware boundary by supplying a crafted IOCTL request that bypasses the validation. Refer to the ' Security...

5.6CVSS6.1AI score
Exploits0References1
Cvelist
Cvelist
added 14 hours ago6 views

CVE-2026-13585

Allocation of Resources Without Limits and Throttling and Sensitive Information in Resource Not Removed Before Reuse in the ASUS System Control Interface driver and ASUS Business Manager allow a local administrator to disclose sensitive information via crafted IOCTL requests, which, in severe...

8.2CVSS
Exploits0References1
EUVD
EUVD
added 14 hours ago8 views

EUVD-2026-44587

Allocation of Resources Without Limits and Throttling and Sensitive Information in Resource Not Removed Before Reuse in the ASUS System Control Interface driver and ASUS Business Manager allow a local administrator to disclose sensitive information via crafted IOCTL requests, which, in severe...

8.2CVSS6AI score
Exploits0References1
CVE
CVE
added 14 hours ago10 views

CVE-2026-13585

The CVE-2026-13585 affects the ASUS System Control Interface (SCI) driver and ASUS Business Manager. The root cause is Allocation of Resources Without Limits and Throttling, leading to potential exposure of sensitive information via crafted IOCTL requests. A local administrator can leverage this ...

8.2CVSS6AI score
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:37 p.m.11 views

CVE-2026-3508

An Out-of-bounds Read vulnerability in the IOCTL handler in ASUS System Control Interface allows a local user to cause system crash BSOD via a read size that exceeds the buffer size.Refer to the ' Security Update for MyASUS ' section on the ASUS Security Advisory for more information...

6.8CVSS5.7AI score0.00137EPSS
Exploits0References1
NVD
NVD
added 2026/05/29 2:16 a.m.30 views

CVE-2026-7480

An Incorrect Permission Assignment for Critical Resource vulnerability in ASUS System Control Interface allows a local user to elevate privileges to SYSTEM and execute arbitrary code via a crafted RPC call that bypass the validation mechanism. Refer to the 'Security Update for ASUS System Control...

7.3CVSS0.00135EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/29 2:6 a.m.40 views

CVE-2026-7480

An Incorrect Permission Assignment for Critical Resource vulnerability in ASUS System Control Interface allows a local user to elevate privileges to SYSTEM and execute arbitrary code via a crafted RPC call that bypass the validation mechanism. Refer to the 'Security Update for ASUS System Control...

7.3CVSS0.00135EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/29 2:6 a.m.11 views

CVE-2026-7480

An Incorrect Permission Assignment for Critical Resource vulnerability in ASUS System Control Interface allows a local user to elevate privileges to SYSTEM and execute arbitrary code via a crafted RPC call that bypass the validation mechanism. Refer to the 'Security Update for ASUS System Control...

7.3CVSS6.2AI score0.00135EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/29 2:6 a.m.13 views

EUVD-2026-33245

An Incorrect Permission Assignment for Critical Resource vulnerability in ASUS System Control Interface allows a local user to elevate privileges to SYSTEM and execute arbitrary code via a crafted RPC call that bypass the validation mechanism. Refer to the 'Security Update for ASUS System Control...

7.3CVSS6.2AI score0.00135EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.11 views

ASUS System Control Interface 安全漏洞

ASUS System Control Interface is a computer system control interface developed by ASUS, a Chinese company. There is a security vulnerability in the ASUS System Control Interface, which stems from improper allocation of permissions for critical resources. This vulnerability could allow local users...

7.3CVSS6.1AI score0.00135EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.28 views

PT-2026-44742

Name of the Vulnerable Software and Affected Versions ASUS System Control Interface affected versions not specified Description An incorrect permission assignment for critical resources in the ASUS System Control Interface allows a local user to elevate privileges to SYSTEM and execute arbitrary...

7.3CVSS6AI score0.00135EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/08 3:30 a.m.9 views

EUVD-2026-28486

An Out-of-bounds Read vulnerability in the IOCTL handler in ASUS System Control Interface allows a local user to cause system crash BSOD via a read size that exceeds the buffer size.Refer to the ' Security Update for MyASUS ' section on the ASUS Security Advisory for more information...

6.8CVSS5.9AI score0.00137EPSS
Exploits0References2
NVD
NVD
added 2026/05/08 3:16 a.m.37 views

CVE-2026-3508

An Out-of-bounds Read vulnerability in the IOCTL handler in ASUS System Control Interface allows a local user to cause system crash BSOD via a read size that exceeds the buffer size.Refer to the ' Security Update for MyASUS ' section on the ASUS Security Advisory for more information...

6.8CVSS0.00137EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/08 2:0 a.m.10 views

CVE-2026-3508

An Out-of-bounds Read vulnerability in the IOCTL handler in ASUS System Control Interface allows a local user to cause system crash BSOD via a read size that exceeds the buffer size.Refer to the ' Security Update for MyASUS ' section on the ASUS Security Advisory for more information...

6.8CVSS5.9AI score0.00137EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/08 2:0 a.m.49 views

CVE-2026-3508

An Out-of-bounds Read vulnerability in the IOCTL handler in ASUS System Control Interface allows a local user to cause system crash BSOD via a read size that exceeds the buffer size.Refer to the ' Security Update for MyASUS ' section on the ASUS Security Advisory for more information...

6.8CVSS0.00137EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.14 views

PT-2026-38640

Name of the Vulnerable Software and Affected Versions ASUS System Control Interface affected versions not specified Description An Out-of-bounds Read in the IOCTL handler allows a local user to cause a system crash BSOD. This occurs when a read size is requested that exceeds the allocated buffer...

6.8CVSS5.9AI score0.00137EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/05/08 12:0 a.m.14 views

ASUS System Control Interface 缓冲区错误漏洞

ASUS System Control Interface is a computer system control interface developed by ASUS, a Chinese company. There is a buffer overflow vulnerability in the ASUS System Control Interface. This vulnerability arises from reading sizes that exceed the size of the buffer within the IOCTL handler, which...

6.8CVSS6.1AI score0.00137EPSS
Exploits0References1
Rows per page
Query Builder