Asus
Products by Asus Sorted by Most Security Vulnerabilities since 2018
By the Year
In 2022 there have been 4 vulnerabilities in Asus with an average score of 8.4 out of ten. Last year Asus had 3 security vulnerabilities published. That is, 1 more vulnerability have already been reported in 2022 as compared to last year. However, the average CVE base score of the vulnerabilities in 2022 is greater by 1.48.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2022 | 4 | 8.35 |
| 2021 | 3 | 6.87 |
| 2020 | 3 | 6.03 |
| 2019 | 2 | 9.30 |
| 2018 | 2 | 9.80 |
It may take a day or so for new Asus vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Asus Security Vulnerabilities
ASUS WebStorage has a hardcoded API Token in the APP source code
CVE-2022-26672
9.8 - Critical
- April 22, 2022
ASUS WebStorage has a hardcoded API Token in the APP source code. An unauthenticated remote attacker can use this token to establish connections with the server and carry out login attempts to general user accounts. A successful login to a general user account allows the attacker to access, modify or delete this user account information.
Use of Hard-coded Credentials
The System Diagnosis service of MyASUS before 3.1.2.0
CVE-2022-22814
9.8 - Critical
- March 10, 2022
The System Diagnosis service of MyASUS before 3.1.2.0 allows privilege escalation.
Improper Privilege Management
ROG Live Services function for deleting temp files created by installation has an improper link resolution before file access vulnerability
CVE-2022-22262
7.7 - High
- March 01, 2022
ROG Live Services function for deleting temp files created by installation has an improper link resolution before file access vulnerability. Since this function does not validate the path before deletion, an unauthenticated local attacker can create an unexpected symbolic link to system file path, to delete arbitrary system files and disrupt system service.
insecure temporary file
Invalid input sanitizing leads to reflected Cross Site Scripting (XSS) in ASUS RT-AC52U_B1 3.0.0.4.380.10931
CVE-2021-46109
6.1 - Medium
- January 03, 2022
Invalid input sanitizing leads to reflected Cross Site Scripting (XSS) in ASUS RT-AC52U_B1 3.0.0.4.380.10931 can lead to a user session hijack.
XSS
ASUS ROG Armoury Crate Lite before 4.2.10
CVE-2021-40981
7.3 - High
- September 27, 2021
ASUS ROG Armoury Crate Lite before 4.2.10 allows local users to gain privileges by placing a Trojan horse file in the publicly writable %PROGRAMDATA%\ASUS\GamingCenterLib directory.
DLL preloading
AsIO2_64.sys and AsIO2_32.sys in ASUS GPUTweak II before 2.3.0.3 allow low-privileged users to trigger a stack-based buffer overflow
CVE-2021-28686
5.5 - Medium
- April 08, 2021
AsIO2_64.sys and AsIO2_32.sys in ASUS GPUTweak II before 2.3.0.3 allow low-privileged users to trigger a stack-based buffer overflow. This could enable low-privileged users to achieve Denial of Service via a DeviceIoControl.
Memory Corruption
AsIO2_64.sys and AsIO2_32.sys in ASUS GPUTweak II before 2.3.0.3 allow low-privileged users to interact directly with physical memory (by calling one of several driver routines
CVE-2021-28685
7.8 - High
- April 08, 2021
AsIO2_64.sys and AsIO2_32.sys in ASUS GPUTweak II before 2.3.0.3 allow low-privileged users to interact directly with physical memory (by calling one of several driver routines that map physical memory into the virtual address space of the calling process) and to interact with MSR registers. This could enable low-privileged users to achieve NT AUTHORITY\SYSTEM privileges via a DeviceIoControl.
Improper Privilege Management
The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL
CVE-2020-12695
7.5 - High
- June 08, 2020
The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue.
Incorrect Default Permissions
Information disclosure in Asuswrt-Merlin firmware for ASUS devices older than 384.4 and ASUS firmware before 3.0.0.4.382.50470 for devices
CVE-2018-8877
5.3 - Medium
- February 27, 2020
Information disclosure in Asuswrt-Merlin firmware for ASUS devices older than 384.4 and ASUS firmware before 3.0.0.4.382.50470 for devices allows remote attackers to acquire information on internal network IP address ranges by reading the new_lan_ip variable on the error_page.htm page.
Information Disclosure
Information disclosure in Asuswrt-Merlin firmware for ASUS devices older than 384.4 and ASUS firmware before 3.0.0.4.382.50470 for devices
CVE-2018-8878
5.3 - Medium
- February 27, 2020
Information disclosure in Asuswrt-Merlin firmware for ASUS devices older than 384.4 and ASUS firmware before 3.0.0.4.382.50470 for devices allows remote attackers to acquire information on internal network devices' hostnames and MAC addresses by reading the custom_id variable on the blocking.asp page.
Information Disclosure
AsusPTPFilter.sys on Asus Precision TouchPad 11.0.0.25 hardware has a Pool Overflow associated with the \\
CVE-2019-10709
9.8 - Critical
- September 04, 2019
AsusPTPFilter.sys on Asus Precision TouchPad 11.0.0.25 hardware has a Pool Overflow associated with the \\.\AsusTP device, leading to a DoS or potentially privilege escalation via a crafted DeviceIoControl call.
Permissions, Privileges, and Access Controls
A broken access control vulnerability in SmartHome app (Android versions up to 3.0.42_190515, ios versions up to 2.0.22) allows an attacker in the same local area network to list user accounts and control IoT devices
CVE-2019-11063
8.8 - High
- August 29, 2019
A broken access control vulnerability in SmartHome app (Android versions up to 3.0.42_190515, ios versions up to 2.0.22) allows an attacker in the same local area network to list user accounts and control IoT devices that connect with its gateway (HG100) via http://[target]/smarthome/devicecontrol without any authentication. CVSS 3.0 base score 10 (Confidentiality, Integrity and Availability impacts). CVSS vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H).
Missing Authentication for Critical Function
An issue was discovered in AsusWRT before 3.0.0.4.384_10007
CVE-2018-5999
9.8 - Critical
- January 22, 2018
An issue was discovered in AsusWRT before 3.0.0.4.384_10007. In the handle_request function in router/httpd/httpd.c, processing of POST requests continues even if authentication fails.
An issue was discovered in AsusWRT before 3.0.0.4.384_10007
CVE-2018-6000
9.8 - Critical
- January 22, 2018
An issue was discovered in AsusWRT before 3.0.0.4.384_10007. The do_vpnupload_post function in router/httpd/web.c in vpnupload.cgi provides functionality for setting NVRAM configuration values, which allows attackers to set the admin password and launch an SSH daemon (or enable infosvr command mode), and consequently obtain remote administrative access, via a crafted request. This is available to unauthenticated attackers in conjunction with CVE-2018-5999.
AuthZ