← Back to CVEs
CVE-2025-15037
N/ADescription
An Incorrect Permission Assignment vulnerability exists in the ASUS Business System Control Interface driver. This vulnerability can be triggered by an unprivileged local user sending a specially crafted IOCTL request, potentially leading to unauthorized access to sensitive hardware resources and kernel information disclosure. Refer to the "ASUS Business System Control Interface" section on the ASUS Security Advisory for more information.
CVE Details
CVSS v3.1 ScoreN/A
Published3/12/2026
Last Modified3/12/2026
Sourcenvd
Honeypot Sightings0
Weaknesses (CWE)
CWE-732
References
https://www.asus.com/content/security-advisory/(54bf65a7-a193-42d2-b1ba-8e150d3c35e1)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.