CVE-2026-8921
8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Summary
External Control of File Name or Path vulnerability in ASUS Business Manager allows a local user to execute arbitrary code with SYSTEM privileges via a tampered IPC message. Refer to the ' Security Update for ASUS Business Manager ' section on the ASUS Security Advisory for more information.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| ASUS | ASUS Business Manager | 0 <= v3.0.38.0 | affected |
Weaknesses
- CWE-73: CWE-73 External control of file name or path
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.