14 matches found
CVE-2026-3508
An Out-of-bounds Read vulnerability in the IOCTL handler in ASUS System Control Interface allows a local user to cause system crash BSOD via a read size that exceeds the buffer size.Refer to the ' Security Update for MyASUS ' section on the ASUS Security Advisory for more information...
EUVD-2025-208607
An Incorrect Permission Assignment vulnerability exists in the ASUS Business System Control Interface driver. This vulnerability can be triggered by an unprivileged local user sending a specially crafted IOCTL request, potentially leading to unauthorized access to sensitive hardware resources and...
CVE-2025-15037
An Incorrect Permission Assignment vulnerability exists in the ASUS Business System Control Interface driver. This vulnerability can be triggered by an unprivileged local user sending a specially crafted IOCTL request, potentially leading to unauthorized access to sensitive hardware resources and...
CVE-2025-59373
A local privilege escalation vulnerability exists in the restore mechanism of ASUS System Control Interface. It can be triggered when an unprivileged actor copies files without proper validation into protected system paths, potentially leading to arbitrary files being executed as SYSTEM. For more...
EUVD-2022-39148
Malicious code in bioql PyPI...
EUVD-2022-39149
Malicious code in bioql PyPI...
CVE-2022-36438
AsusSwitch.exe on ASUS personal computers running Windows sets weak file permissions, leading to local privilege escalation this also can be used to delete files within the system arbitrarily. This affects ASUS System Control Interface 3 before 3.1.5.0, and AsusSwitch.exe before 1.0.10.0...
CVE-2022-36439
AsusSoftwareManager.exe in ASUS System Control Interface on ASUS personal computers running Windows allows a local user to write into the Temp directory and delete another more privileged file via SYSTEM privileges. This affects ASUS System Control Interface 3 before 3.1.5.0, AsusSoftwareManger.e...
CVE-2022-36439
AsusSoftwareManager.exe in ASUS System Control Interface on ASUS personal computers running Windows allows a local user to write into the Temp directory and delete another more privileged file via SYSTEM privileges. This affects ASUS System Control Interface 3 before 3.1.5.0, AsusSoftwareManger.e...
CVE-2022-36439
AsusSoftwareManager.exe in ASUS System Control Interface on ASUS personal computers running Windows allows a local user to write into the Temp directory and delete another more privileged file via SYSTEM privileges. This affects ASUS System Control Interface 3 before 3.1.5.0, AsusSoftwareManger.e...
CVE-2022-36438
AsusSwitch.exe on ASUS personal computers running Windows sets weak file permissions, leading to local privilege escalation this also can be used to delete files within the system arbitrarily. This affects ASUS System Control Interface 3 before 3.1.5.0, and AsusSwitch.exe before 1.0.10.0...
PT-2022-5315 · Asus +1 · Asussoftwaremanager.Exe +3
Name of the Vulnerable Software and Affected Versions: ASUS System Control Interface versions prior to 3.1.5.0 AsusSoftwareManager.exe versions prior to 1.0.53.0 AsusLiveUpdate.dll versions prior to 1.0.45.0 Description: The issue is related to incorrect default permissions in the System Control...
PT-2022-5314 · Asus +1 · Asusswitch.Exe +2
Name of the Vulnerable Software and Affected Versions: ASUS System Control Interface versions prior to 3.1.5.0 AsusSwitch.exe versions prior to 1.0.10.0 Description: The issue is related to incorrect default permissions in the System Control Interface and AsusSwitch drivers for Windows operating...
CVE-2022-36438
AsusSwitch.exe on ASUS personal computers running Windows sets weak file permissions, leading to local privilege escalation this also can be used to delete files within the system arbitrarily. This affects ASUS System Control Interface 3 before 3.1.5.0, and AsusSwitch.exe before 1.0.10.0...