Skip to main content

Member Center EUVDEUVD-2026-23158

| CVE-2026-3428 MEDIUM
Download of Code Without Integrity Check (CWE-494)
2026-04-16 ASUS GHSA-49h6-4qj3-4f42
5.4
CVSS 4.0 · NVD
Share

Severity by source

NVD PRIMARY
5.4 MEDIUM
CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Local
Attack Complexity
High
Privileges Required
Low
User Interaction
P
Scope
X

Lifecycle Timeline

4
Analysis Generated
Apr 16, 2026 - 04:51 vuln.today
EUVD ID Assigned
Apr 16, 2026 - 02:45 euvd
EUVD-2026-23158
Analysis Generated
Apr 16, 2026 - 02:45 vuln.today
CVE Published
Apr 16, 2026 - 02:02 nvd
MEDIUM 5.4

DescriptionCVE.org

A Download of Code Without Integrity Check vulnerability in the update modules in ASUS Member Center(华硕大厅) allows a local user to achieve privilege escalation to Administrator via exploitation of a Time-of-check Time-of-use (TOC-TOU) during the update process, where an unexpected payload is substituted for a legitimate one immediately after download, and subsequently executed with administrative privileges upon user consent. Refer to the 'Security Update for ASUS Member Center' section on the ASUS Security Advisory for more information.

AnalysisAI

Privilege escalation in ASUS Member Center (华硕大厅) versions 1.6.6.4 and earlier allows authenticated local users to achieve Administrator-level privilege escalation by exploiting a Time-of-check Time-of-use (TOC-TOU) race condition during the update process. An attacker can substitute a malicious payload for the legitimate downloaded update immediately after integrity verification completes but before execution, causing the compromised code to run with administrative privileges upon user consent. CVSS 5.4 reflects the requirement for local access, user interaction, and elevated (but non-Administrator) initial privileges; however, the vulnerability achieves full privilege escalation to Administrator with moderate technical difficulty.

Technical ContextAI

The vulnerability exists in the update mechanism of ASUS Member Center, a Windows application bundled on ASUS systems. The root cause is CWE-494 (Download of Code Without Integrity Check), manifesting as a Time-of-check Time-of-use (TOCTOU) race condition. The update module downloads code and performs integrity validation (likely hash or signature verification), but a window exists between validation completion and code execution during which an attacker with local file-system access can replace the validated file with malicious content. When the update executes with administrative privileges (by virtue of User Access Control elevation or a privileged service), the attacker's payload runs at that privilege level. CPE cpe:2.3:a:asus:member_center(华硕大厅):*:*:*:*:*:*:*:* identifies the affected product family across all versions up to and including 1.6.6.4.

RemediationAI

Upgrade ASUS Member Center to version 1.6.6.5 or later (exact patched version must be confirmed in the ASUS Security Advisory referenced at https://www.asus.com/security-advisory/). Users should not rely on workarounds because the vulnerability is in the core update mechanism; attempting to disable updates is impractical and leaves systems exposed to other vulnerabilities addressed in future ASUS updates. Alternatively, on shared or multi-user systems, temporarily restrict write permissions to the update cache directory (typically %LocalAppData%\ASUS or %ProgramData%\ASUS) to non-privileged users until the patch is deployed, preventing attackers from modifying files during the validation window; however, this may interfere with the update process and is not a permanent mitigation. For IT administrators managing ASUS systems across an organization, prioritize patching ASUS Member Center on systems with multiple local user accounts or shared access, as this increases the likelihood of a local attacker being present. Patch testing and deployment should be coordinated with ASUS support if the exact patched version is not immediately clear from the advisory.

Share

EUVD-2026-23158 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy