CVE-2025-3463

CRITICAL

ASUS DriverHub - Buffer Overflow

Title source: llm

Description

"This issue is limited to motherboards and does not affect laptops, desktop computers, or other endpoints." An insufficient validation vulnerability in ASUS DriverHub may allow untrusted sources to affect system behavior via crafted HTTP requests. Refer to the 'Security Update for ASUS DriverHub' section on the ASUS Security Advisory for more information.

References (2)

[Various Sources] https://mrbruh.com/asusdriverhub/

[Various Sources] https://www.asus.com/content/asus-product-security-advisory/

Scores

CVSS v4 9.4

EPSS 0.0048

EPSS Percentile 65.2%

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact total

Details

CWE

CWE-295

Status published

Products (1)

ASUS/DriverHub before 1.0.6.0

Published May 09, 2025

Tracked Since Feb 18, 2026