Description
Untrusted Pointer Dereference in ASUS System Control Interface v3, ASUS System Control Interface, and ASUS Business Manager allows a local administrator to perform arbitrary physical memory read and write operations via crafted IOCTL requests to the driver, bypassing OS-enforced memory protections.
Refer to the '
Security Update for ASUS System Control Interface ' section on the ASUS Security Advisory for more information.
Refer to the '
Security Update for ASUS System Control Interface ' section on the ASUS Security Advisory for more information.
Analysis and contextual insights are available on OpenCVE Cloud.
Remediation
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
Advisories
No advisories yet.
References
| Link | Providers |
|---|---|
| https://www.asus.com/security-advisory |
|
History
Wed, 15 Jul 2026 02:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Untrusted Pointer Dereference in ASUS System Control Interface v3, ASUS System Control Interface, and ASUS Business Manager allows a local administrator to perform arbitrary physical memory read and write operations via crafted IOCTL requests to the driver, bypassing OS-enforced memory protections. Refer to the ' Security Update for ASUS System Control Interface ' section on the ASUS Security Advisory for more information. | |
| First Time appeared |
Asus
Asus business Manager Asus system Control Interface Asus system Control Interface V3 |
|
| Weaknesses | CWE-822 | |
| CPEs | cpe:2.3:a:asus:business_manager:*:*:*:*:*:*:*:* cpe:2.3:a:asus:system_control_interface:*:*:*:*:*:*:*:* cpe:2.3:a:asus:system_control_interface_v3:*:*:*:*:*:*:*:* |
|
| Vendors & Products |
Asus
Asus business Manager Asus system Control Interface Asus system Control Interface V3 |
|
| References |
| |
| Metrics |
cvssV4_0
|
Status: PUBLISHED
Assigner: ASUS
Published:
Updated: 2026-07-15T14:23:38.260Z
Reserved: 2026-07-08T07:18:44.846Z
Link: CVE-2026-15029
No data.
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-15T18:30:15Z
Weaknesses