CVE-2026-15030

Summary

Out-of-bounds Read in ASUS System Control Interface v3, ASUS System Control Interface, and ASUS Business Manager allows a local administrator to read memory regions beyond the intended firmware boundary by supplying a crafted IOCTL request that bypasses the validation. Refer to the ' Security Update for ASUS System Control Interface  ' section on the ASUS Security Advisory for more information.

Affected Software

VendorProductVersion RangeStatus
ASUSSystem Control Interface v30 < v3.1.65.0affected
ASUSSystem Control Interface0 < v1.1.40.0affected
ASUSBusiness Manager0 <= v3.0.38.0affected

Weaknesses

  • CWE-125: CWE-125: Out-of-bounds Read

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References