Vulnerabilities in Asus
141 resultsCVE-2021-41289MEDIUMASUS P453UJ - Improper Restriction of Operations within the Bounds of a Memory BufferEPSS 0.2%CVE-2025-9968HIGHA link following vulnerability exists in the UnifyScanner component of Armoury Crate. This vulnerability may be triggered by creating a specEPSS 0.2%CVE-2024-12957HIGHA file handling command vulnerability in certain versions of Armoury Crate may result in arbitrary file deletion.
Refer to the '01/23/2025 SEPSS 0.2%CVE-2025-2027MEDIUMA double free vulnerability has been identified in the ASUS System Analysis service. This vulnerability can be triggered by sending speciallEPSS 0.1%CVE-2025-6398MEDIUMA null pointer dereference vulnerability exists in the IOMap64.sys driver of ASUS AI Suite 3. The vulnerability can be triggered by a speciaEPSS 0.1%CVE-2026-1880MEDIUMAn Incorrect Permission Assignment for Critical Resource vulnerability in the ASUS DriverHub update process allows privilege escalation due EPSS 0.1%CVE-2026-3508MEDIUMAn Out-of-bounds Read vulnerability in the IOCTL handler in ASUS System Control Interface allows a local user to cause system crash (BSOD) vEPSS 0.1%CVE-2025-9336MEDIUMA stack buffer overflow has been identified in the AsIO3.sys driver. This vulnerability can be triggered by input manipulation, may leading EPSS 0.1%CVE-2026-7480HIGHAn Incorrect Permission Assignment for Critical Resource vulnerability in ASUS System Control Interface allows a local user to elevate priviEPSS 0.1%CVE-2026-1878MEDIUMAn Insufficient Integrity Verification vulnerability in the ASUS ROG peripheral driver installation process allows privilege escalation to SEPSS 0.1%CVE-2025-9337MEDIUMA null pointer dereference has been identified in the AsIO3.sys driver. The vulnerability can be triggered by a specially crafted input, whiEPSS 0.1%CVE-2025-59373HIGHA local privilege escalation vulnerability exists in
the restore mechanism of
ASUS System Control Interface. It can be triggered when aEPSS 0.1%CVE-2025-12793HIGHAn uncontrolled DLL loading path vulnerability exists in AsusSoftwareManagerAgent. A local attacker may influence the application to load a EPSS 0.1%CVE-2025-11775MEDIUMAn out-of-bounds read vulnerability has been identified in the asComSvc service. This vulnerability can be triggered by sending specially crEPSS 0.1%CVE-2025-9338HIGHA improper restriction of operations within the bounds of a memory buffer exists in AsIO3.sys driver. This vulnerability can be triggered byEPSS 0.1%CVE-2025-15038MEDIUMAn Out-of-Bounds
Read vulnerability exists in the ASUS Business System
Control Interface driver. This vulnerability can be triggered by an uEPSS 0.1%CVE-2025-13348HIGHAn improper access control vulnerability exists in ASUS Secure Delete Driver of ASUS Business Manager. This vulnerability can be triggered bEPSS 0.1%CVE-2025-15037MEDIUMAn Incorrect
Permission Assignment vulnerability exists in the ASUS Business
System Control Interface driver. This vulnerability can be trigEPSS 0.1%CVE-2026-6737LOWAn Exposed IOCTL with Insufficient Access Control vulnerability in AsusPTPFilter allows a local user to bypass driver security mechanisms anEPSS 0.1%CVE-2026-8070HIGHIncorrect permission assignment for a critical resource in Armoury Crate allows a local user to bypass the driver’s validation mechanism, reEPSS 0.1%