AI description
CVE-2025-3463 is a vulnerability in ASUS DriverHub that stems from insufficient validation of HTTP requests. This flaw could allow unauthorized sources to affect system behavior by sending specially crafted HTTP requests to the DriverHub software. The vulnerability is limited to motherboards and does not affect laptops, desktop computers, or other endpoints. Successful exploitation could allow untrusted sources to interact with the software's features. ASUS urges users to update ASUS DriverHub to the latest version 1.0.6.0 or newer.
- Description
- "This issue is limited to motherboards and does not affect laptops, desktop computers, or other endpoints." An insufficient validation vulnerability in ASUS DriverHub may allow untrusted sources to affect system behavior via crafted HTTP requests. Refer to the 'Security Update for ASUS DriverHub' section on the ASUS Security Advisory for more information.
- Source
- 54bf65a7-a193-42d2-b1ba-8e150d3c35e1
- NVD status
- Awaiting Analysis
CVSS 4.0
- Type
- Secondary
- Base score
- 9.4
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- CRITICAL
- 54bf65a7-a193-42d2-b1ba-8e150d3c35e1
- CWE-295
- Hype score
- Not currently trending
ASUS DriverHub の RCE 脆弱性 CVE-2025-3462/3463 が FIX:”.ini” ファイルの改竄は簡単 https://t.co/yCdkPw3Pol ASUS DriverHub の RCE 脆弱性 CVE-2025-3462/CVE-2025-3463 が FIX しました。いずれも CVSS 値が 8.0 以上の深刻な脆弱性です
@iototsecnews
23 May 2025
46 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔒 ASUS DriverHub Flaws Allow Remote Code Execution via Malicious Domains https://t.co/9PWK76KJwc ASUS has patched two critical vulnerabilities (CVE-2025-3462 & CVE-2025-3463) in its DriverHub utility. These flaws could let attackers execute code remotely by exploiting
@Huntio
19 May 2025
499 Impressions
5 Retweets
7 Likes
0 Bookmarks
0 Replies
0 Quotes
ASUSのドライバ管理ツール「DriverHub」に深刻な脆弱性(CVE-2025-3462およびCVE-2025-3463)が発見され、悪意あるWebサイトからのクリック1回で管理者権限のコード実行が可能となる恐れがあった。
@yousukezan
13 May 2025
905 Impressions
0 Retweets
4 Likes
1 Bookmark
0 Replies
0 Quotes
ASUS has patched critical RCE flaws in DriverHub (CVE-2025-3462 & CVE-2025-3463) that can be exploited via crafted HTTP requests and domains. Updates are essential to prevent malicious code execution. ⚠️ #SecurityUpdate #Japan #Tech https://t.co/kPRiNWIGRw
@TweetThreatNews
12 May 2025
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 One Click. Full Control. Two critical flaws (CVE-2025-3462 & CVE-2025-3463) in ASUS DriverHub exposed users to remote code execution—just by clicking a malicious link. Patch released on May 9—but have you updated yet? 🔗 Read the full details → https://t.co/xr
@TheHackersNews
12 May 2025
11594 Impressions
42 Retweets
93 Likes
21 Bookmarks
2 Replies
3 Quotes
🚨 CVE-2025-3463 ⚠️🔴 CRITICAL (9.4) 🏢 ASUS - DriverHub 🏗️ before 1.0.6.0 🔗 https://t.co/4NXfmoPzQe #CyberCron #VulnAlert #InfoSec https://t.co/lNkTJ6GG8L
@cybercronai
9 May 2025
27 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes