CVE-2025-3462
CVE-2025-3462
8.4
HighPublished:
Last updated:
Source:54bf65a7-a193-42d2-b1ba-8e150d3c35e1
Deferred
Weakness (CWE)
CVSS Vector
v4.0- Attack Vector
- Network
- Attack Complexity
- Low
- Attack Requirements
- None
- Privileges Required
- None
- User Interaction
- Passive
- Confidentiality (Vulnerable)
- Low
- Integrity (Vulnerable)
- Low
- Availability (Vulnerable)
- High
- Confidentiality (Subsequent)
- None
- Integrity (Subsequent)
- None
- Availability (Subsequent)
- High
Description
"This issue is limited to motherboards and does not affect laptops, desktop computers, or other endpoints." An insufficient validation in ASUS DriverHub may allow unauthorized sources to interact with the software's features via crafted HTTP requests. Refer to the 'Security Update for ASUS DriverHub' section on the ASUS Security Advisory for more information.
References
54bf65a7-a193-42d2-b1ba-8e150d3c35e1
https://www.asus.com/content/asus-product-security-advisory/af854a3a-2127-422b-91ae-364da2661108
https://mrbruh.com/asusdriverhub/