CVE-2025-4570

July 21, 2025 invoker category_cve

CVE Details

Basic Information

Title CVE-2025-4570
Type cve
Published 2025-07-21T07:52:00.800Z
Modified 2025-07-21T07:54:01.171Z

Product Information

Vendor ASUS
Product MyASUS
Version 4.0.35.0 and earlier

CVSS Information

Base Score 6.9 (MEDIUM)
Attack Vector CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N

Affected Products

  • ASUS MyASUS 4.0.35.0 and earlier

Additional Information

CWE List CWE-798
Source ASUS

Description

An insecure sensitive key storage issue was found in MyASUS. potentially allowing unauthorized actor to obtain a token that could be used to communicate with certain services.

Refer to the ‘Security Update for for MyASUS’ section on the ASUS Security Advisory for more information.

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.