Lucene search
K

31 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:37 p.m.10 views

CVE-2026-3508

An Out-of-bounds Read vulnerability in the IOCTL handler in ASUS System Control Interface allows a local user to cause system crash BSOD via a read size that exceeds the buffer size.Refer to the ' Security Update for MyASUS ' section on the ASUS Security Advisory for more information...

6.8CVSS5.7AI score0.00137EPSS
Exploits0References1
NVD
NVD
added 2026/05/29 2:16 a.m.28 views

CVE-2026-7480

An Incorrect Permission Assignment for Critical Resource vulnerability in ASUS System Control Interface allows a local user to elevate privileges to SYSTEM and execute arbitrary code via a crafted RPC call that bypass the validation mechanism. Refer to the 'Security Update for ASUS System Control...

7.3CVSS0.00135EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/29 2:6 a.m.35 views

CVE-2026-7480

An Incorrect Permission Assignment for Critical Resource vulnerability in ASUS System Control Interface allows a local user to elevate privileges to SYSTEM and execute arbitrary code via a crafted RPC call that bypass the validation mechanism. Refer to the 'Security Update for ASUS System Control...

7.3CVSS0.00135EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/29 2:6 a.m.10 views

CVE-2026-7480

An Incorrect Permission Assignment for Critical Resource vulnerability in ASUS System Control Interface allows a local user to elevate privileges to SYSTEM and execute arbitrary code via a crafted RPC call that bypass the validation mechanism. Refer to the 'Security Update for ASUS System Control...

7.3CVSS6.2AI score0.00135EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.8 views

ASUS System Control Interface 安全漏洞

ASUS System Control Interface is a computer system control interface developed by ASUS, a Chinese company. There is a security vulnerability in the ASUS System Control Interface, which stems from improper allocation of permissions for critical resources. This vulnerability could allow local users...

7.3CVSS6.1AI score0.00135EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.17 views

PT-2026-44742

Name of the Vulnerable Software and Affected Versions ASUS System Control Interface affected versions not specified Description An incorrect permission assignment for critical resources in the ASUS System Control Interface allows a local user to elevate privileges to SYSTEM and execute arbitrary...

7.3CVSS6AI score0.00135EPSS
Exploits0References4
NVD
NVD
added 2026/05/08 3:16 a.m.15 views

CVE-2026-3508

An Out-of-bounds Read vulnerability in the IOCTL handler in ASUS System Control Interface allows a local user to cause system crash BSOD via a read size that exceeds the buffer size.Refer to the ' Security Update for MyASUS ' section on the ASUS Security Advisory for more information...

6.8CVSS0.00137EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/08 2:0 a.m.32 views

CVE-2026-3508

An Out-of-bounds Read vulnerability in the IOCTL handler in ASUS System Control Interface allows a local user to cause system crash BSOD via a read size that exceeds the buffer size.Refer to the ' Security Update for MyASUS ' section on the ASUS Security Advisory for more information...

6.8CVSS0.00137EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/08 2:0 a.m.9 views

CVE-2026-3508

An Out-of-bounds Read vulnerability in the IOCTL handler in ASUS System Control Interface allows a local user to cause system crash BSOD via a read size that exceeds the buffer size.Refer to the ' Security Update for MyASUS ' section on the ASUS Security Advisory for more information...

6.8CVSS5.9AI score0.00137EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/08 12:0 a.m.13 views

ASUS System Control Interface 缓冲区错误漏洞

ASUS System Control Interface is a computer system control interface developed by ASUS, a Chinese company. There is a buffer overflow vulnerability in the ASUS System Control Interface. This vulnerability arises from reading sizes that exceed the size of the buffer within the IOCTL handler, which...

6.8CVSS6.1AI score0.00137EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/12 2:0 a.m.4 views

CVE-2025-15037

An Incorrect Permission Assignment vulnerability exists in the ASUS Business System Control Interface driver. This vulnerability can be triggered by an unprivileged local user sending a specially crafted IOCTL request, potentially leading to unauthorized access to sensitive hardware resources and...

6.8CVSS5.8AI score0.00099EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/12 2:0 a.m.6 views

EUVD-2025-208607

An Incorrect Permission Assignment vulnerability exists in the ASUS Business System Control Interface driver. This vulnerability can be triggered by an unprivileged local user sending a specially crafted IOCTL request, potentially leading to unauthorized access to sensitive hardware resources and...

6.8CVSS5.8AI score0.00099EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/12 2:0 a.m.23 views

CVE-2025-15037

An Incorrect Permission Assignment vulnerability exists in the ASUS Business System Control Interface driver. This vulnerability can be triggered by an unprivileged local user sending a specially crafted IOCTL request, potentially leading to unauthorized access to sensitive hardware resources and...

6.8CVSS0.00099EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/12 12:0 a.m.8 views

PT-2026-24909

🚨 CVE-2025-15037 An Incorrect Permission Assignment vulnerability exists in the ASUS Business System Control Interface driver. This vulnerability can be triggered by an unprivileged local user sending a specially crafted IOCTL request, potentially leading to unauthorized access to sensitive...

6.8CVSS5.8AI score0.00099EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/01/06 12:0 a.m.4 views

ASUS System Control Interface 安全漏洞

ASUS System Control Interface is a computer system control interface from Asus China. A security vulnerability exists in ASUS System Control Interface, which originates from an uncontrolled DLL load path that could lead to the execution of arbitrary code...

8.5CVSS6.9AI score0.00115EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/27 3:3 p.m.5 views

CVE-2025-59373

A local privilege escalation vulnerability exists in the restore mechanism of ASUS System Control Interface. It can be triggered when an unprivileged actor copies files without proper validation into protected system paths, potentially leading to arbitrary files being executed as SYSTEM. For more...

8.5CVSS7AI score0.00116EPSS
Exploits0References1
CVE
CVE
added 2025/11/25 2:3 a.m.14 views

CVE-2025-59373

CVE-2025-59373 concerns a local privilege escalation in the ASUS System Control Interface (ASCI) restore mechanism, enabling an unprivileged user to copy files into protected system paths and cause arbitrary code to run as SYSTEM. Several sources (NVD/NIST, Red Hat, CIRCL enrichment, ZDI) identif...

8.5CVSS6AI score0.00116EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/11/25 2:3 a.m.7 views

CVE-2025-59373

A local privilege escalation vulnerability exists in the restore mechanism of ASUS System Control Interface. It can be triggered when an unprivileged actor copies files without proper validation into protected system paths, potentially leading to arbitrary files being executed as SYSTEM. For more...

8.5CVSS0.00116EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-39149

Malicious code in bioql PyPI...

6CVSS6.2AI score0.00164EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-39148

Malicious code in bioql PyPI...

7.8CVSS7.6AI score0.00163EPSS
Exploits0References3
Rows per page
Query Builder