Severity by source
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Local admin must open the driver and send IOCTLs, so AV:L and PR:H with low complexity; physical memory read/write yields full C/I/A impact within an unchanged kernel scope.
Primary rating from Vendor (ASUS).
CVSS VectorVendor: ASUS
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
2DescriptionCVE.org
Untrusted Pointer Dereference in ASUS System Control Interface v3, ASUS System Control Interface, and ASUS Business Manager allows a local administrator to perform arbitrary physical memory read and write operations via crafted IOCTL requests to the driver, bypassing OS-enforced memory protections. Refer to the ' Security Update for ASUS System Control Interface ' section on the ASUS Security Advisory for more information.
AnalysisAI
Arbitrary physical memory read/write in the ASUS System Control Interface (v3 and legacy) and ASUS Business Manager driver allows a local administrator to issue crafted IOCTL requests that bypass OS-enforced memory protections, per an ASUS-published advisory. The flaw (CWE-822, Untrusted Pointer Dereference) turns the signed ASUS driver into a read/write primitive over physical memory, enabling privilege escalation from admin to kernel and potential defense evasion. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires the attacker to already hold local administrator privileges on a machine where the ASUS System Control Interface v3, legacy System Control Interface, or ASUS Business Manager driver is installed and loaded, and to send specially crafted IOCTL requests to that driver's device object. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 4.0 vector (AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H, base 8.4 High) is internally consistent with the description: local vector, low complexity, but high privileges required - the attacker must already be a local administrator. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker who has already gained local administrator rights on an ASUS commercial notebook - via phishing, a prior exploit, or a malicious insider - opens the ASUS System Control Interface driver's device handle and sends crafted IOCTL requests specifying attacker-chosen physical addresses. Using the resulting kernel-grade read/write primitive, they patch kernel structures to disable EDR, escalate to SYSTEM/kernel, or read sensitive memory. … |
| Remediation | Apply the ASUS-provided update referenced in the 'Security Update for ASUS System Control Interface' section of the ASUS Security Advisory (https://www.asus.com/security-advisory); a fixed version is indicated by the vendor advisory but no exact patched version number is present in the provided data, so confirm the target build directly from that advisory (Patch available per vendor advisory). … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours, inventory all systems running ASUS System Control Interface v3/legacy and ASUS Business Manager drivers. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
More in System Control Interface V3
View allLocal information disclosure and denial of service in the ASUS System Control Interface driver (v3 and earlier) and ASUS
Out-of-bounds memory read in ASUS System Control Interface v3, ASUS System Control Interface, and ASUS Business Manager
Same weakness CWE-822 – Untrusted Pointer Dereference
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-44589
GHSA-cvqr-f3j3-pp87