Insecure Sensitive Key Storage in MyASUS by ASUS
CVE-2025-4569

7.7HIGH

Key Information:

Vendor: Asus
Status: Myasus
Vendor: CVE Published:; 21 July 2025

What is CVE-2025-4569?

A critical issue has been identified in MyASUS related to improper handling of sensitive key storage. This vulnerability may enable an unauthorized actor to extract a key token, which could potentially facilitate unauthorized communication with specific services, posing significant security risks to the affected systems. For detailed guidance and mitigation steps, please refer to the ASUS Security Advisory.

Affected Version(s)

MyASUS 4.0.35.0 and earlier

References

https://www.asus.com/content/security-advisory/

vendor-advisory

CVSS V4

Score:

7.7

Severity:

HIGH

Confidentiality:

Low

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 21, 2025
Vulnerability Reserved
May 12, 2025

Asus

What is CVE-2025-4569?

Affected Version(s)

References

CVSS V4

Timeline