Skip to main content

Driverhub CVE-2026-1880

| EUVDEUVD-2026-23155 MEDIUM
Time-of-check Time-of-use (TOCTOU) Race Condition (CWE-367)
2026-04-16 ASUS
5.4
CVSS 4.0 · NVD
Share

Severity by source

NVD PRIMARY
5.4 MEDIUM
CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Local
Attack Complexity
High
Privileges Required
Low
User Interaction
P
Scope
X

Lifecycle Timeline

6
Patch released
Apr 17, 2026 - 15:17 nvd
Patch available
Patch available
Apr 16, 2026 - 05:29 EUVD
1.0.6.12
Analysis Generated
Apr 16, 2026 - 04:51 vuln.today
EUVD ID Assigned
Apr 16, 2026 - 02:45 euvd
EUVD-2026-23155
Analysis Generated
Apr 16, 2026 - 02:45 vuln.today
CVE Published
Apr 16, 2026 - 02:00 nvd
MEDIUM 5.4

DescriptionCVE.org

An Incorrect Permission Assignment for Critical Resource vulnerability in the ASUS DriverHub update process allows privilege escalation due to improper protection of required execution resources during the validation phase, permitting a local user to make unprivileged modifications. This allows the altered resource to pass system checks and be executed with elevated privileges upon a user-initiated update. Refer to the 'Security Update for ASUS DriverHub' section on the ASUS Security Advisory for more information.

AnalysisAI

Privilege escalation in ASUS DriverHub through version 1.0.6.11 allows local authenticated users to modify update validation resources, bypassing security checks to execute arbitrary code with elevated privileges during driver updates. The vulnerability exploits improper file permission assignment in the update process, requiring user interaction to trigger the elevated execution. CVSS 5.4 indicates moderate severity; exploitation requires local access and authenticated user status with specific file system conditions.

Technical ContextAI

ASUS DriverHub is an automatic driver update utility that manages system driver installation and updates. The vulnerability stems from CWE-367 (Time-of-Check-Time-of-Use / TOCTOU race condition) or improper file permission handling during the validation phase of the update mechanism. The update process validates driver packages before executing them with elevated privileges; however, the validation resources themselves (likely configuration files, scripts, or validation checksums) are stored with insufficient permission restrictions, allowing a local user with standard privileges to modify these resources between the validation check and the actual execution. This permits an attacker to inject malicious code that passes the integrity checks and runs in a privileged context when the user initiates or completes an update action. CPE cpe:2.3:a:asus:driverhub:*:*:*:*:*:*:*:* confirms the scope is the DriverHub application across all versions below 1.0.6.12.

RemediationAI

Upgrade ASUS DriverHub to version 1.0.6.12 or later, which addresses the permission assignment vulnerability in the update validation process. Users can check their current version in DriverHub settings and apply the update through the application's built-in update mechanism or download the patched version directly from ASUS support. If immediate patching is not feasible, disable automatic driver updates in DriverHub settings and manually verify driver installations through ASUS support channels; note that this workaround reduces system driver currency and may leave the system vulnerable to driver-level bugs. Additionally, restrict file system write access to the DriverHub installation and cache directories to administrator accounts only using Windows NTFS permissions or equivalent OS-level access controls, though this may conflict with the application's ability to self-update and should be tested before deployment.

Share

CVE-2026-1880 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy