Vulnerability Description
An Incorrect Permission Assignment for Critical Resource vulnerability in the ASUS DriverHub update process allows privilege escalation due to improper protection of required execution resources during the validation phase, permitting a local user to make unprivileged modifications. This allows the altered resource to pass system checks and be executed with elevated privileges upon a user-initiated update. Refer to the 'Security Update for ASUS DriverHub' section on the ASUS Security Advisory for more information.
Related Weaknesses (CWE)
References
FAQ
What is CVE-2026-1880?
CVE-2026-1880 is a documented vulnerability. An Incorrect Permission Assignment for Critical Resource vulnerability in the ASUS DriverHub update process allows privilege escalation due to improper protection of required execution resources durin...
How severe is CVE-2026-1880?
CVSS scoring is not yet available for CVE-2026-1880. Check NVD for updates.
Is there a patch for CVE-2026-1880?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.