CVE-2025-15037
NONE—CVSS v3
—CVSS v2
0.02%
EPSS (exploit probability)
CWE-732CWE
Description
An Incorrect
Permission Assignment vulnerability exists in the ASUS Business
System Control Interface driver. This vulnerability can be triggered by an unprivileged local user sending a
specially crafted IOCTL request,
potentially leading to unauthorized access to sensitive hardware resources
and kernel information disclosure. Refer to the "ASUS Business System Control Interface" section on the ASUS Security Advisory for more information.
Affected routers (0)
No routers currently mapped to this CVE in our database.