CVE-2026-13585
Severity CVSS v4.0:
HIGH
Type:
CWE-226
Sensitive Information in Resource Not Removed Before Reuse
Publication date:
15/07/2026
Last modified:
15/07/2026
Description
Allocation of Resources Without Limits and Throttling and Sensitive Information in Resource Not Removed Before Reuse in the ASUS System Control Interface driver and ASUS Business Manager allow a local administrator to disclose sensitive information via crafted IOCTL requests, which, in severe cases, may lead to a Denial of Service (DoS) on the system.<br />
Refer to the &#39; <br />
Security Update for ASUS System Control Interface &#39; section on the ASUS Security Advisory for more information.
Impact
Base Score 4.0
8.20
Severity 4.0
HIGH



