Untrusted Pointer Dereference in ASUS System Control Interface Products
CVE-2026-15029

8.4HIGH

What is CVE-2026-15029?

This vulnerability allows local administrators to bypass OS-enforced memory protections through crafted IOCTL requests directed at the ASUS System Control Interface, leading to unauthorized memory read and write operations. This can significantly compromise system security and integrity. For more details, please visit the ASUS Security Advisory.

Affected Version(s)

Business Manager 0

System Control Interface 0

System Control Interface v3 0

References

CVSS V4

Score:
8.4
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.