Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
6.9
ASUS Business System Control Interface driver can leak system info or crash
CVE-2025-15038
Summary
A security flaw in the ASUS Business System Control Interface driver can be exploited by a local user to potentially reveal sensitive system information or cause a system crash. This affects ASUS Business System users, and it's essential to install the latest security update to mitigate the risk. Users should apply the security update as soon as possible to ensure the integrity of their system.
Original title
An Out-of-Bounds
Read vulnerability exists in the ASUS Business System
Control Interface driver. This vulnerability can be triggered by an unprivileged local user
sending a specially crafted IOCTL...
Original description
An Out-of-Bounds
Read vulnerability exists in the ASUS Business System
Control Interface driver. This vulnerability can be triggered by an unprivileged local user
sending a specially crafted IOCTL request, potentially leading
to a disclosure of
kernel information or a system crash. Refer to the "Security Update for ASUS
Business System Control Interface" section on the ASUS Security Advisory for more information.
Read vulnerability exists in the ASUS Business System
Control Interface driver. This vulnerability can be triggered by an unprivileged local user
sending a specially crafted IOCTL request, potentially leading
to a disclosure of
kernel information or a system crash. Refer to the "Security Update for ASUS
Business System Control Interface" section on the ASUS Security Advisory for more information.
nvd CVSS4.0
6.9
Vulnerability type
CWE-125
Out-of-bounds Read
Published: 12 Mar 2026 · Updated: 13 Mar 2026 · First seen: 12 Mar 2026