CVE-2025-4570_CVE-2025-4570

6.9 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N

Description

An insecure sensitive key storage issue was found in MyASUS. potentially allowing unauthorized actor to obtain a token that could be used to communicate with certain services.

Refer to the 'Security Update for for MyASUS' section on the ASUS Security Advisory for more information.

Basic Information

ID CVE-2025-4570

Source ASUS

Published Jul 21, 2025 at 07:52

Modified Jul 22, 2025 at 02:15

Affected Product

Vendor ASUS

Product MyASUS

Version 4.0.35.0 and earlier

Affected Versions ASUS MyASUS 4.0.35.0 and earlier

CWE Classification

CWE-798

References

www.asus.com /content/security-advisory/

{
    "lastseen": "",
    "description": "An insecure sensitive key storage issue was found in MyASUS.\u00a0potentially allowing unauthorized actor to obtain a token that could be used to communicate with certain services.\n\n\nRefer to the 'Security Update for for MyASUS' section on the ASUS Security Advisory for more information.",
    "published": "2025-07-21T07:52:00.800Z",
    "modified": "2025-07-22T02:15:20.471Z",
    "type": "cve",
    "title": "CVE-2025-4570",
    "source": "ASUS",
    "references": "https://www.asus.com/content/security-advisory/",
    "id": "CVE-2025-4570",
    "bulletinFamily": "",
    "cwe": [
        "CWE-798"
    ],
    "cvelist": null,
    "sourceData": "ASUS MyASUS 4.0.35.0 and earlier",
    "sourceHref": "",
    "cvss": {
        "score": 6.9,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "MyASUS",
    "version": "4.0.35.0 and earlier",
    "vendor": "ASUS",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}