216.73.217.80

CVE-2025-13348

· Published 02/02/2026 02:16 · Modified 03/02/2026 16:44

Labels: CVE-2025-13348 2026-02-0254bf65a7-a193-42d2-b1ba-8e150d3c35e1CVE-2025-13348CWE-862

Essential information

Published
02/02/2026 02:16
Modified
03/02/2026 16:44
Author
Creator
CVSS
8.5 HIGH (v3) 8.5 HIGH (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

An improper access control vulnerability exists in ASUS Secure Delete Driver of ASUS Business Manager. This vulnerability can be triggered by a local user sending a specially crafted request, potentially leading to the creation of arbitrary files in a specified path. Refer to the "Security Update for ASUS Business Manager" section on the ASUS Security Advisory for more information.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
54bf65a7-a193-42d2-b1ba-8e150d3c35e1
NVD
View on NVD

Affected products (CPE)

ProductCPE
asus / business manager cpe:2.3:a:asus:business_manager:*:*:*:*:*:*:*:*
asus / secure delete driver cpe:2.3:a:asus:secure_delete_driver:*:*:*:*:*:*:*:*

References