Vulnerability Description
An Out-of-Bounds Read vulnerability exists in the ASUS Business System Control Interface driver. This vulnerability can be triggered by an unprivileged local user sending a specially crafted IOCTL request, potentially leading to a disclosure of kernel information or a system crash. Refer to the "Security Update for ASUS Business System Control Interface" section on the ASUS Security Advisory for more information.
Related Weaknesses (CWE)
References
FAQ
What is CVE-2025-15038?
CVE-2025-15038 is a documented vulnerability. An Out-of-Bounds Read vulnerability exists in the ASUS Business System Control Interface driver. This vulnerability can be triggered by an unprivileged local user sending a specially crafted IOCTL r...
How severe is CVE-2025-15038?
CVSS scoring is not yet available for CVE-2025-15038. Check NVD for updates.
Is there a patch for CVE-2025-15038?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.