<ul><li>Two vulnerabilities were found in DriverHub, pre-installed on Asus motherboards, allowing remote code execution via crafted HTTP requests.</li><li>The vulnerabilities, CVE-2025-3462 and CVE-2025-3463, were discovered by security researcher 'MrBruh' and could be exploited by a remote attacker to gain arbitrary code execution.</li><li>The flaws in DriverHub stem from insufficient validation, enabling misuse of features such as accepting requests from unauthorized domains.</li><li>Asus released security updates on May 9 in response to MrBruh's report, as the researcher highlighted the potential for remote code execution through the flawed DriverHub.</li></ul>

Researchers found one-click RCE in ASUS’s pre-installed software DriverHub

Discover more