CVE-2026-7480

Severity CVSS v4.0:
HIGH
Type:
Unavailable / Other
Publication date:
29/05/2026
Last modified:
29/05/2026

Description

An Incorrect Permission Assignment for Critical Resource vulnerability in ASUS System Control Interface allows a local user to elevate privileges to SYSTEM and execute arbitrary code via a crafted RPC call that bypass the validation mechanism.<br /> Refer to the &amp;#39;Security Update for ASUS System Control Interface&amp;#39; section on the ASUS Security Advisory for more information.

References to Advisories, Solutions, and Tools