CVE-2026-1880

Published: Apr 16, 2026

Modified: Apr 16, 2026

PUBLISHED

Description

An Incorrect Permission Assignment for Critical Resource vulnerability in the ASUS DriverHub update process allows privilege escalation due to improper protection of required execution resources during the validation phase, permitting a local user to make unprivileged modifications. This allows the altered resource to pass system checks and be executed with elevated privileges upon a user-initiated update. Refer to the 'Security Update for ASUS DriverHub' section on the ASUS Security Advisory for more information.

Vendor	Product	Versions
ASUS	DriverHub	affected `0 - < 1.0.6.12`

Weaknesses (CWE)

CWE-367

References

https://www.asus.com/security-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2026-1880

Description

Affected Products

Weaknesses (CWE)

References