Uncontrolled DLL Loading Path Vulnerability in Asus Software Manager Agent
CVE-2025-12793

8.5HIGH

Key Information:

Vendor: Asus
Status: Asci
Vendor: CVE Published:; 6 January 2026

What is CVE-2025-12793?

A vulnerability in the Asus Software Manager Agent allows a local attacker to manipulate the application's DLL loading process. By influencing the application to load a DLL from a location controlled by the attacker, it could lead to arbitrary code execution. This poses significant risks for system integrity and user data. Users are encouraged to review the relevant security advisories for updates and mitigation strategies.

Affected Version(s)

ASCI 64 bit Before v3.1.49.0

ASCI 64 bit Before v1.1.37.0

ASCI ARM Before v3.2.50.0

References

https://www.asus.com/security-advisory

vendor-advisory

CVSS V4

Score:

8.5

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Timeline

Vulnerability published
Jan 6, 2026
Vulnerability Reserved
Nov 6, 2025

Credit

Daniel Rhea

JSON