Allocation of Resources Without Limits and Throttling and Sensitive Information in Resource Not Removed Before Reuse in the ASUS System Control Interface driver and ASUS Business Manager allow a local administrator to disclose sensitive information via crafted IOCTL requests, which, in severe cases, may lead to a Denial of Service (DoS) on the system.
Refer to the '
Security Update for ASUS System Control Interface ' section on the ASUS Security Advisory for more information.
Metrics
Affected Vendors & Products
References
| Link | Providers |
|---|---|
| https://www.asus.com/security-advisory/ |
|
History
Wed, 15 Jul 2026 02:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Allocation of Resources Without Limits and Throttling and Sensitive Information in Resource Not Removed Before Reuse in the ASUS System Control Interface driver and ASUS Business Manager allow a local administrator to disclose sensitive information via crafted IOCTL requests, which, in severe cases, may lead to a Denial of Service (DoS) on the system. Refer to the ' Security Update for ASUS System Control Interface ' section on the ASUS Security Advisory for more information. | |
| First Time appeared |
Asus
Asus business Manager Asus system Control Interface Asus system Control Interface V3 |
|
| Weaknesses | CWE-226 CWE-770 |
|
| CPEs | cpe:2.3:a:asus:business_manager:*:*:*:*:*:*:*:* cpe:2.3:a:asus:system_control_interface:*:*:*:*:*:*:*:* cpe:2.3:a:asus:system_control_interface_v3:*:*:*:*:*:*:*:* |
|
| Vendors & Products |
Asus
Asus business Manager Asus system Control Interface Asus system Control Interface V3 |
|
| References |
| |
| Metrics |
cvssV4_0
|
Status: PUBLISHED
Assigner: ASUS
Published: 2026-07-15T02:01:10.343Z
Updated: 2026-07-15T02:01:10.343Z
Reserved: 2026-06-29T00:35:42.676Z
Link: CVE-2026-13585
No data.
No data.
No data.