Severity by source
CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Local access and admin privileges required to reach the IOCTL interface; AC:H reflects non-trivial validation bypass; impact is read-only memory disclosure with no integrity or availability effect.
Primary rating from Vendor (ASUS).
CVSS VectorVendor: ASUS
CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
1DescriptionCVE.org
Out-of-bounds Read in ASUS System Control Interface v3, ASUS System Control Interface, and ASUS Business Manager allows a local administrator to read memory regions beyond the intended firmware boundary by supplying a crafted IOCTL request that bypasses the validation. Refer to the ' Security Update for ASUS System Control Interface ' section on the ASUS Security Advisory for more information.
AnalysisAI
Out-of-bounds memory read in ASUS System Control Interface v3, ASUS System Control Interface, and ASUS Business Manager exposes kernel and firmware memory contents to local administrators via a crafted IOCTL request that bypasses the driver's length validation. The vulnerability (CWE-125) is constrained to AV:L/PR:H, meaning exploitation requires prior establishment of local administrator access on a system where the affected ASUS software is installed. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires the attacker to hold a local administrator account on the target system (PR:H per CVSS 4.0 vector). … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 4.0 vector (AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N, score 5.6) accurately reflects the narrow exploitation window. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker who has achieved local administrator access on a Windows endpoint running ASUS System Control Interface constructs a malicious IOCTL payload with out-of-range offset or length parameters and submits it to the vulnerable kernel driver. The driver's insufficient validation fails to reject the crafted input, and it reads memory beyond the intended firmware buffer - disclosing adjacent memory contents to the calling process. … |
| Remediation | Apply the vendor-supplied update documented in the ASUS Security Advisory (https://www.asus.com/security-advisory, 'Security Update for ASUS System Control Interface' section). … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
More in System Control Interface V3
View allArbitrary physical memory read/write in the ASUS System Control Interface (v3 and legacy) and ASUS Business Manager driv
Local information disclosure and denial of service in the ASUS System Control Interface driver (v3 and earlier) and ASUS
Same weakness CWE-125 – Out-of-bounds Read
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-44588
GHSA-ccmx-85ff-f67h