CVE-2025-3462

Severity CVSS v4.0:

HIGH

Type:

Unavailable / Other

Publication date:

09/05/2025

Last modified:

12/05/2025

Description

"This issue is limited to motherboards and does not affect laptops, desktop computers, or other endpoints." An insufficient validation in ASUS DriverHub may allow unauthorized sources to interact with the software&#39;s features via crafted HTTP requests.<br /> Refer to the &#39;Security Update for ASUS DriverHub&#39; section on the ASUS Security Advisory for more information.

Impact

Vector 4.0

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:H/SC:N/SI:N/SA:H CVSS v4.0 Severity and Metrics:

Base Score: 8.40 HIGH
Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:H/SC:N/SI:N/SA:H

Attack Vector (AV): Network
Attack Complexity (AC): Low
Attack Requirements (AT): None
Privileges Required (PR): None
User Interaction (UI): Passsive
Confidentiality (VC): Low
Integrity (VI): Low
Availability (VA): High
Confidentiality (SC): None
Integrity (SI): None
Availability (SA): High

Base Score 4.0

8.40

Severity 4.0

HIGH

CVE-2025-3462

Description

Impact

References to Advisories, Solutions, and Tools