NVD Vulnerability Detail

Search Exploit, PoC

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2026-1880

Summary	An Incorrect Permission Assignment for Critical Resource vulnerability in the ASUS DriverHub update process allows privilege escalation due to improper protection of required execution resources during the validation phase, permitting a local user to make unprivileged modifications. This allows the altered resource to pass system checks and be executed with elevated privileges upon a user-initiated update. Refer to the 'Security Update for ASUS DriverHub' section on the ASUS Security Advisory for more information.
Publication Date	April 16, 2026, 12:16 p.m.
Registration Date	April 17, 2026, 4:12 a.m.
Last Update	April 16, 2026, 12:16 p.m.

Related information, measures and tools

No	URL	refsource	タグ
1	https://www.asus.com/security-advisory	54bf65a7-a193-42d2-b1ba-8e150d3c35e1

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-367	Time-of-check Time-of-use (TOCTOU) 競合状態	https://cwe.mitre.org/data/definitions/367.html