Vulnerability in Asus Member Center(华硕大厅)
CVE-2026-3428
A Download of Code Without Integrity Check vulnerability in the update modules in ASUS Member Center(华硕大厅) allows a local user to achieve privilege escalation to Administrator via exploitation of a Time-of-check Time-of-use (TOC-TOU) durin…
EPSS: 0.000 (0.2th percentile) — read the EPSS interpretation.
Affected products
- Asus Member Center(华硕大厅) — versions 1.6.6.4 and earlier
Weakness classification (CWE)
References
- www.asus.com/security-advisory/ (vendor-advisory)