ASUS has introduced updates to mitigate two significant security vulnerabilities affecting its DriverHub software. These flaws, if exploited, could allow an attacker to execute remote code on a victim’s machine.

DriverHub is a utility designed to automatically identify the motherboard model and present the necessary driver updates for installation, relying on a specific website for this process.

The vulnerabilities are classified as follows:

• CVE-2025-3462 (CVSS score: 8.4): This involves an origin validation error that permits unauthorized entities to manipulate the software through crafted HTTP requests.
• CVE-2025-3463 (CVSS score: 9.4): An improper certificate validation vulnerability that may enable untrusted sources to alter system behavior via similarly crafted HTTP requests.

MrBruh, a security researcher who uncovered and reported these vulnerabilities, noted that they could be exploited in a straightforward manner to achieve remote code execution.

The attack method entails deceiving the user into accessing a subdomain of the DriverHub site, like driverhub.asus.com..com. Subsequently, the attacker can trick the DriverHub’s UpdateApp endpoint into executing a legitimate version of "AsusSetup.exe" with a parameter allowing the execution of a payload hosted on the counterfeit domain.

When "AsusSetup.exe" runs, it first processes "AsusSetup.ini," which contains metadata about the driver. The execution with the silent install flag enables the execution of whatever is defined in the "SilentInstallRun" parameter of the ini file. This could lead to the automatic installation of a potentially harmful driver.

An attacker merely has to create a domain that hosts three files: the malicious payload, a modified AsusSetup.ini with the "SilentInstallRun" property pointing to the malicious binary, and AsusSetup.exe itself. This will allow the payload to execute.

After responsibly disclosing these findings on April 8, 2025, ASUS issued fixes on May 9. Currently, there’s no evidence of these vulnerabilities being exploited in the wild.

ASUS emphasized the importance of these updates, urging users to install the latest version of ASUS DriverHub by clicking the ‘Update Now’ button within the application.

Welcome to DediRock, your trusted partner in high-performance hosting solutions. At DediRock, we specialize in providing dedicated servers, VPS hosting, and cloud services tailored to meet the unique needs of businesses and individuals alike. Our mission is to deliver reliable, scalable, and secure hosting solutions that empower our clients to achieve their digital goals. With a commitment to exceptional customer support, cutting-edge technology, and robust infrastructure, DediRock stands out as a leader in the hosting industry. Join us and experience the difference that dedicated service and unwavering reliability can make for your online presence. Launch our website.