AI description
CVE-2025-3462 affects ASUS DriverHub and is limited to motherboards, not impacting laptops or desktop computers. The vulnerability stems from insufficient validation within the ASUS DriverHub software. This insufficient validation allows unauthorized sources to interact with the software's features through crafted HTTP requests. Further details can be found in the "Security Update for ASUS DriverHub" section of the ASUS Security Advisory.
- Description
- "This issue is limited to motherboards and does not affect laptops, desktop computers, or other endpoints." An insufficient validation in ASUS DriverHub may allow unauthorized sources to interact with the software's features via crafted HTTP requests. Refer to the 'Security Update for ASUS DriverHub' section on the ASUS Security Advisory for more information.
- Source
- 54bf65a7-a193-42d2-b1ba-8e150d3c35e1
- NVD status
- Awaiting Analysis
CVSS 4.0
- Type
- Secondary
- Base score
- 8.4
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:H/SC:N/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- HIGH
- 54bf65a7-a193-42d2-b1ba-8e150d3c35e1
- CWE-346
- Hype score
- Not currently trending
ASUS DriverHub の RCE 脆弱性 CVE-2025-3462/3463 が FIX:”.ini” ファイルの改竄は簡単 https://t.co/yCdkPw3Pol ASUS DriverHub の RCE 脆弱性 CVE-2025-3462/CVE-2025-3463 が FIX しました。いずれも CVSS 値が 8.0 以上の深刻な脆弱性です
@iototsecnews
23 May 2025
46 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔒 ASUS DriverHub Flaws Allow Remote Code Execution via Malicious Domains https://t.co/9PWK76KJwc ASUS has patched two critical vulnerabilities (CVE-2025-3462 & CVE-2025-3463) in its DriverHub utility. These flaws could let attackers execute code remotely by exploiting
@Huntio
19 May 2025
499 Impressions
5 Retweets
7 Likes
0 Bookmarks
0 Replies
0 Quotes
ASUSのドライバ管理ツール「DriverHub」に深刻な脆弱性(CVE-2025-3462およびCVE-2025-3463)が発見され、悪意あるWebサイトからのクリック1回で管理者権限のコード実行が可能となる恐れがあった。
@yousukezan
13 May 2025
905 Impressions
0 Retweets
4 Likes
1 Bookmark
0 Replies
0 Quotes
ASUS has patched critical RCE flaws in DriverHub (CVE-2025-3462 & CVE-2025-3463) that can be exploited via crafted HTTP requests and domains. Updates are essential to prevent malicious code execution. ⚠️ #SecurityUpdate #Japan #Tech https://t.co/kPRiNWIGRw
@TweetThreatNews
12 May 2025
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 One Click. Full Control. Two critical flaws (CVE-2025-3462 & CVE-2025-3463) in ASUS DriverHub exposed users to remote code execution—just by clicking a malicious link. Patch released on May 9—but have you updated yet? 🔗 Read the full details → https://t.co/xr
@TheHackersNews
12 May 2025
11594 Impressions
42 Retweets
93 Likes
21 Bookmarks
2 Replies
3 Quotes
🚨 CVE-2025-3462 🔴 HIGH (8.4) 🏢 ASUS - DriverHub 🏗️ before 1.0.6.0 🔗 https://t.co/4NXfmoPzQe #CyberCron #VulnAlert #InfoSec https://t.co/No2D3wLlKK
@cybercronai
9 May 2025
30 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes