Auth bypass in Asus Business Manager
CVE-2025-13348
An improper access control vulnerability exists in ASUS Secure Delete Driver of ASUS Business Manager. This vulnerability can be triggered by a local user sending a specially crafted request, potentially leading to the creation of arbitrar…
Vulnerability class: Broken Access Control
EPSS: 0.001 (1.2th percentile) — read the EPSS interpretation.
Affected products
- Asus Business Manager — versions 0
Weakness classification (CWE)
References
- 54bf65a7-a193-42d2-b1ba-8e150d3c35e1 (vendor-advisory)