CVE-2025-15038

2026-03-12 54bf65a7-a193-42d2-b1ba-8e150d3c35e1

Lifecycle Timeline

2
Analysis Generated
Mar 12, 2026 - 19:57 vuln.today
CVE Published
Mar 12, 2026 - 03:15 nvd
N/A

Tags

Linux

Description

An Out-of-Bounds Read vulnerability exists in the ASUS Business System Control Interface driver. This vulnerability can be triggered by an unprivileged local user sending a specially crafted IOCTL  request, potentially leading to a disclosure of kernel information or a system crash. Refer to the "Security Update for ASUS  Business System Control Interface" section on the ASUS Security Advisory for more information.

Analysis

An Out-of-Bounds Read vulnerability exists in the ASUS Business System Control Interface driver. This vulnerability can be triggered by an unprivileged local user sending a specially crafted IOCTL  request, potentially leading to a disclosure of kernel information or a system crash.

Technical Context

Classified as CWE-125 (Out-of-bounds Read). An Out-of-Bounds

Read vulnerability exists in the ASUS Business System

Control Interface driver. This vulnerability can be triggered by an unprivileged local user

sending a specially crafted IOCTL  request, potentially leading

to a disclosure of

kernel information or a system crash. Refer to the "Security Update for ASUS

Business System Control Interface" section on the ASUS Security Advisory for more information.

Affected Products

Component: ASUS Business System Control.

Remediation

Monitor vendor advisories for a patch.

Priority Score

0
Low Medium High Critical
KEV: 0
EPSS: +0.0
CVSS: +0
POC: 0

Share

CVE-2025-15038 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy