Severity by source
CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
6DescriptionCVE.org
An Incorrect Permission Assignment for Critical Resource vulnerability in the ASUS DriverHub update process allows privilege escalation due to improper protection of required execution resources during the validation phase, permitting a local user to make unprivileged modifications. This allows the altered resource to pass system checks and be executed with elevated privileges upon a user-initiated update. Refer to the 'Security Update for ASUS DriverHub' section on the ASUS Security Advisory for more information.
AnalysisAI
Privilege escalation in ASUS DriverHub through version 1.0.6.11 allows local authenticated users to modify update validation resources, bypassing security checks to execute arbitrary code with elevated privileges during driver updates. The vulnerability exploits improper file permission assignment in the update process, requiring user interaction to trigger the elevated execution. CVSS 5.4 indicates moderate severity; exploitation requires local access and authenticated user status with specific file system conditions.
Technical ContextAI
ASUS DriverHub is an automatic driver update utility that manages system driver installation and updates. The vulnerability stems from CWE-367 (Time-of-Check-Time-of-Use / TOCTOU race condition) or improper file permission handling during the validation phase of the update mechanism. The update process validates driver packages before executing them with elevated privileges; however, the validation resources themselves (likely configuration files, scripts, or validation checksums) are stored with insufficient permission restrictions, allowing a local user with standard privileges to modify these resources between the validation check and the actual execution. This permits an attacker to inject malicious code that passes the integrity checks and runs in a privileged context when the user initiates or completes an update action. CPE cpe:2.3:a:asus:driverhub:*:*:*:*:*:*:*:* confirms the scope is the DriverHub application across all versions below 1.0.6.12.
RemediationAI
Upgrade ASUS DriverHub to version 1.0.6.12 or later, which addresses the permission assignment vulnerability in the update validation process. Users can check their current version in DriverHub settings and apply the update through the application's built-in update mechanism or download the patched version directly from ASUS support. If immediate patching is not feasible, disable automatic driver updates in DriverHub settings and manually verify driver installations through ASUS support channels; note that this workaround reduces system driver currency and may leave the system vulnerable to driver-level bugs. Additionally, restrict file system write access to the DriverHub installation and cache directories to administrator accounts only using Windows NTFS permissions or equivalent OS-level access controls, though this may conflict with the application's ability to self-update and should be tested before deployment.
Same technique Privilege Escalation
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-23155