ASUS

ASUS, a major manufacturer of consumer and enterprise computing hardware and components, has a high-severity local privilege escalation vulnerability (CVSS 7.8) that requires local access and low-level user privileges to exploit, but once successful grants complete control over system confidentiality, integrity, and availability. The vulnerability was reported in March 2026 with a patch deadline of July 2026, giving the vendor four months to develop and release a fix. Security teams should monitor ASUS product update channels and prioritize patching once available, particularly for systems where non-administrative users have local access.