Skip to main content

Asus Business Manager

1 CVEs product

Monthly

CVE-2026-8921 HIGH This Week

Local privilege escalation to SYSTEM in ASUS Business Manager lets a low-privileged local user run arbitrary code by tampering with an inter-process communication (IPC) message that the software's privileged service trusts. Because the SYSTEM-level component controls a file name or path based on attacker-influenced IPC input (CWE-73), a standard user can coerce it into loading or executing attacker-chosen content. No public exploit has been identified at time of analysis and the flaw is not listed in CISA KEV; ASUS is the reporter and has issued a security advisory.

RCE Asus Business Manager
NVD
CVSS 4.0
8.5
EPSS
0.1%
EPSS 0% CVSS 8.5
HIGH This Week

Local privilege escalation to SYSTEM in ASUS Business Manager lets a low-privileged local user run arbitrary code by tampering with an inter-process communication (IPC) message that the software's privileged service trusts. Because the SYSTEM-level component controls a file name or path based on attacker-influenced IPC input (CWE-73), a standard user can coerce it into loading or executing attacker-chosen content. No public exploit has been identified at time of analysis and the flaw is not listed in CISA KEV; ASUS is the reporter and has issued a security advisory.

RCE Asus Business Manager
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy