QSearchQSearch

CVE-2026-7480

An Incorrect Permission Assignment for Critical Resource vulnerability in ASUS System Control Interface allows a local user to elevate pr...

Published: 2026-05-29 · Last updated: 2026-05-29

Severity and scoring

CWE
CWE-732

Description

An Incorrect Permission Assignment for Critical Resource vulnerability in ASUS System Control Interface allows a local user to elevate privileges to SYSTEM and execute arbitrary code via a crafted RPC call that bypass the validation mechanism. Refer to the 'Security Update for ASUS System Control Interface' section on the ASUS Security Advisory for more information.

Source: NVD

References

Related CVEs

Same CWE

  • CVE-2026-53856 OpenClaw before 2026.4.24 contains an insecure file permissions vulnerability in config recovery that restores OpenClaw.json with overly ... (5.5 MEDIUM)
  • CVE-2026-0271 A privilege escalation (PE) vulnerability in the Palo Alto Networks Prisma Access Agent app on Linux devices enables a local user to exec...
  • CVE-2026-50570 Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes (8.5 HIGH)
  • CVE-2026-26422 clash-verge-service-ipc before 2.3.0 has a world-reachable IPC endpoint, leading to local privilege escalation (8.4 HIGH)
  • CVE-2026-50590 In Mimecast Incydr before 2.6.0, arbitrary file access can occur (4.5 MEDIUM)