External Control of File Name or Path Vulnerability in ASUS Business Manager
CVE-2026-8921
8.5HIGH
What is CVE-2026-8921?
An external control of file name or path vulnerability exists in ASUS Business Manager, enabling local users to exploit it by sending tampered IPC messages. This can lead to arbitrary code execution with SYSTEM privileges, compromising system integrity and security. For detailed information about the security implications and mitigation strategies, refer to the Security Update for ASUS Business Manager on the ASUS Security Advisory page.
Affected Version(s)
ASUS Business Manager 0