Primary

Context

ASUS MyASUS Insecure Key Storage Vulnerability Allowing Unauthorized Token Access

Vulnerability

Patched

A vulnerability exists in MyASUS versions through 4.0.35.0, related to insecure storage of sensitive keys. This flaw could enable an unauthorized actor to obtain a token for communication with certain services.

Impact

Exploitation of this vulnerability could lead to unauthorized access tokens being obtained, potentially allowing for unauthorized communication with specific services.

Remediation

Users can refer to the 'Security Update for MyASUS' section on the ASUS Security Advisory page for update instructions.

Added: Jul 21, 2025, 8:23 AM

Updated: Jul 21, 2025, 10:35 AM

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

1.3

exploitability

3.3

remediation

7.7

relevance

0.3

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

1.3

exploitability

3.3

remediation

7.7

relevance

0.3

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

ASUS MyASUS Insecure Key Storage Vulnerability Allowing Unauthorized Token Access

Vulnerability

Impact

Remediation

Affected Products

ASUS MyASUS

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating