Primary

Context

ASUS System Control Interface Incorrect Permission Assignment Vulnerability Allowing Privilege Escalation

Vulnerability

Patched

A vulnerability in ASUS System Control Interface allows local users to elevate privileges to SYSTEM and execute arbitrary code. This issue arises from an incorrect permission assignment for critical resources, enabling crafted RPC calls to bypass the validation mechanism. The vulnerability affects versions through 3.1.59.0 (x64) and 3.2.60.0 (ARM).

Impact

Exploitation of this vulnerability could lead to unauthorized privilege escalation, allowing a local user to gain SYSTEM rights and execute arbitrary code with those elevated privileges.

Remediation

Users can refer to the 'Security Update for ASUS System Control Interface' section on the ASUS Security Advisory page for update instructions.

Added: May 29, 2026, 2:18 AM

Updated: May 29, 2026, 2:18 AM

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

10.0

exploitability

3.3

remediation

7.7

relevance

9.6

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

10.0

exploitability

3.3

remediation

7.7

relevance

9.6

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

ASUS System Control Interface Incorrect Permission Assignment Vulnerability Allowing Privilege Escalation

Vulnerability

Impact

Remediation

Affected Products

ASUS System Control Interface

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating