CVE-2026-1880_CVE-2026-1880

5.4 / 10

MEDIUM

CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Description

An Incorrect Permission Assignment for Critical Resource vulnerability in the ASUS DriverHub update process allows privilege escalation due to improper protection of required execution resources during the validation phase, permitting a local user to make unprivileged modifications. This allows the altered resource to pass system checks and be executed with elevated privileges upon a user-initiated update.
Refer to the 'Security Update for ASUS DriverHub' section on the ASUS Security Advisory for more information.

Basic Information

ID CVE-2026-1880

Source ASUS

Published Apr 16, 2026 at 02:00

Modified Apr 16, 2026 at 02:10

Affected Product

Vendor ASUS

Product DriverHub

Affected Versions ASUS DriverHub 0

CWE Classification

CWE-367

References

www.asus.com /security-advisory

{
    "lastseen": "",
    "description": "An Incorrect Permission Assignment for Critical Resource vulnerability in the ASUS DriverHub update process allows privilege escalation due to improper protection of required execution resources during the validation phase, permitting a local user to make unprivileged modifications. This allows the altered resource to pass system checks and be executed with elevated privileges upon a user-initiated update.\nRefer to the 'Security Update for ASUS DriverHub' section on the ASUS Security Advisory for more information.",
    "published": "2026-04-16T02:00:36.112Z",
    "modified": "2026-04-16T02:10:09.128Z",
    "type": "cve",
    "title": "CVE-2026-1880",
    "source": "ASUS",
    "references": "https://www.asus.com/security-advisory",
    "id": "CVE-2026-1880",
    "bulletinFamily": "",
    "cwe": [
        "CWE-367"
    ],
    "cvelist": null,
    "sourceData": "ASUS DriverHub 0",
    "sourceHref": "",
    "cvss": {
        "score": 5.4,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "DriverHub",
    "version": "0",
    "vendor": "ASUS",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}