Auth bypass in Asus Business Manager

CVE-2025-13348

An improper access control vulnerability exists in ASUS Secure Delete Driver of ASUS Business Manager. This vulnerability can be triggered by a local user sending a specially crafted request, potentially leading to the creation of arbitrar…

Vulnerability class: Broken Access Control

EPSS: 0.001 (1.2th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References