CVE-2026-7480_CVE-2026-7480

7.3 / 10

HIGH

CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Description

An Incorrect Permission Assignment for Critical Resource vulnerability in ASUS System Control Interface allows a local user to elevate privileges to SYSTEM and execute arbitrary code via a crafted RPC call that bypass the validation mechanism.
Refer to the 'Security Update for ASUS System Control Interface' section on the ASUS Security Advisory for more information.

Basic Information

ID CVE-2026-7480

Source ASUS

Published May 29, 2026 at 02:06

Affected Product

Vendor ASUS

Product ASUS System Control Interface

Version 3.1.59.0 and earlier

Affected Versions ASUS ASUS System Control Interface 3.1.59.0 and earlier
ASUS ASUS System Control Interface 3.2.60.0 and earlier

CWE Classification

CWE-732

References

www.asus.com /security-advisory/

{
    "lastseen": "",
    "description": "An Incorrect Permission Assignment for Critical Resource vulnerability in ASUS System Control Interface allows a local user to elevate privileges to SYSTEM and execute arbitrary code via a crafted RPC call that bypass the validation mechanism.\nRefer to the 'Security Update for ASUS System Control Interface' section on the ASUS Security Advisory for more information.",
    "published": "2026-05-29T02:06:43.453Z",
    "modified": "2026-05-29T02:06:43.453Z",
    "type": "cve",
    "title": "CVE-2026-7480",
    "source": "ASUS",
    "references": "https://www.asus.com/security-advisory/",
    "id": "CVE-2026-7480",
    "bulletinFamily": "",
    "cwe": [
        "CWE-732"
    ],
    "cvelist": null,
    "sourceData": "ASUS ASUS System Control Interface 3.1.59.0 and earlier\nASUS ASUS System Control Interface 3.2.60.0 and earlier",
    "sourceHref": "",
    "cvss": {
        "score": 7.3,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "ASUS System Control Interface",
    "version": "3.1.59.0 and earlier",
    "vendor": "ASUS",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}