CVE-2025-15037
CVE-2025-15037
An Incorrect
Permission Assignment vulnerability exists in the ASUS Business
System Control Interface driver. This vulnerability can be triggered by an unprivileged local user sending a
specially crafted IOCTL request,
potentially leading to unauthorized access to sensitive hardware resources
and kernel information disclosure. Refer to the "ASUS Business System Control Interface" section on the ASUS Security Advisory for more information.
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
Productos afectados
ASUS · ASUS Business System Control Interface¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →