Untrusted Pointer Dereference in ASUS System Control Interface v3, ASUS System Control Interface, and ASUS Business Manager allows a local administrator to perform arbitrary physical memory read and write operations via crafted IOCTL requests to the driver, bypassing OS-enforced memory protections.
Refer to the '
Security Update for ASUS System Control Interface ' section on the ASUS Security Advisory for more information.
Metrics
Affected Vendors & Products
References
| Link | Providers |
|---|---|
| https://www.asus.com/security-advisory |
|
History
Wed, 15 Jul 2026 02:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Untrusted Pointer Dereference in ASUS System Control Interface v3, ASUS System Control Interface, and ASUS Business Manager allows a local administrator to perform arbitrary physical memory read and write operations via crafted IOCTL requests to the driver, bypassing OS-enforced memory protections. Refer to the ' Security Update for ASUS System Control Interface ' section on the ASUS Security Advisory for more information. | |
| First Time appeared |
Asus
Asus business Manager Asus system Control Interface Asus system Control Interface V3 |
|
| Weaknesses | CWE-822 | |
| CPEs | cpe:2.3:a:asus:business_manager:*:*:*:*:*:*:*:* cpe:2.3:a:asus:system_control_interface:*:*:*:*:*:*:*:* cpe:2.3:a:asus:system_control_interface_v3:*:*:*:*:*:*:*:* |
|
| Vendors & Products |
Asus
Asus business Manager Asus system Control Interface Asus system Control Interface V3 |
|
| References |
| |
| Metrics |
cvssV4_0
|
Status: PUBLISHED
Assigner: ASUS
Published: 2026-07-15T02:01:33.203Z
Updated: 2026-07-15T02:01:33.203Z
Reserved: 2026-07-08T07:18:44.846Z
Link: CVE-2026-15029
No data.
No data.
No data.