CVE-2025-3462
First published: Fri May 09 2025(Updated: )
"This issue is limited to motherboards and does not affect laptops, desktop computers, or other endpoints." An insufficient validation in ASUS DriverHub may allow unauthorized sources to interact with the software's features via crafted HTTP requests. Refer to the 'Security Update for ASUS DriverHub' section on the ASUS Security Advisory for more information.
Credit: 54bf65a7-a193-42d2-b1ba-8e150d3c35e1
| Affected Software | Affected Version | How to fix |
|---|---|---|
| ASUS DriverHub |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2025-3462?
CVE-2025-3462 is considered a high severity vulnerability due to insufficient validation allowing unauthorized access to ASUS DriverHub.
How do I fix CVE-2025-3462?
To fix CVE-2025-3462, users should update their ASUS DriverHub to the latest version provided by ASUS.
Which systems are affected by CVE-2025-3462?
CVE-2025-3462 specifically affects motherboards using the ASUS DriverHub and does not impact laptops or desktop computers.
What type of exploitation is possible with CVE-2025-3462?
CVE-2025-3462 allows unauthorized sources to interact with ASUS DriverHub features via crafted HTTP requests.
Is there a workaround for CVE-2025-3462?
Currently, the best approach to mitigating CVE-2025-3462 is to apply the official security update from ASUS.
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/references
- agent/type
- agent/description
- agent/first-publish-date
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/softwarecombine
- collector/nvd-api
- source/NVD
- agent/last-modified-date
- agent/source
- agent/severity
- agent/author
- agent/tags
- agent/event
- vendor/asus
- canonical/asus driverhub