Primary

Context

ASUS MyASUS Insecure Key Storage Vulnerability Allowing Unauthorized Token Access

Vulnerability

Patched

A vulnerability exists in MyASUS versions 4.0.35.0 and earlier, related to insecure storage of sensitive keys. This flaw could enable an unauthorized actor to obtain a token for communication with certain services.

Impact

Exploitation of this vulnerability could lead to unauthorized access tokens being obtained, potentially allowing for unauthorized communication with specific services.

Remediation

Users are advised to update to the latest version of MyASUS. Instructions for updating can be found on the ASUS Security Advisory page.

Added: Jul 21, 2025, 8:21 AM

Updated: Jul 21, 2025, 10:38 AM

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

1.3

exploitability

3.3

remediation

7.7

relevance

0.3

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

1.3

exploitability

3.3

remediation

7.7

relevance

0.3

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

ASUS MyASUS Insecure Key Storage Vulnerability Allowing Unauthorized Token Access

Vulnerability

Impact

Remediation

Affected Products

ASUS MyASUS

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating