CVE-2025-12793
Unknown
Unknown - Not Provided
Uncontrolled DLL Loading in AsusSoftwareManagerAgent Enables Code Execution
Publication date: 2026-01-06
Last updated on: 2026-01-06
Assigner: ASUS
Description
Description
An uncontrolled DLL loading path vulnerability exists in AsusSoftwareManagerAgent. A local attacker may influence the application to load a DLL from an attacker-controlled location, potentially resulting in arbitrary code execution.
Refer to the '
Security Update for MyASUS' section on the ASUS Security Advisory for more information.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| asus | myasus | * |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-426 | The product searches for critical resources using an externally-supplied search path that can point to resources that are not under the product's direct control. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an uncontrolled DLL loading path issue in AsusSoftwareManagerAgent. It allows a local attacker to influence the application to load a DLL from a location controlled by the attacker, which can lead to arbitrary code execution.
How can this vulnerability impact me? :
The vulnerability can allow a local attacker to execute arbitrary code on the affected system by tricking the application into loading a malicious DLL. This could lead to unauthorized actions, system compromise, or further attacks.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70