CVE-2026-15029
Untrusted Pointer Dereference in ASUS System Control Interface v3, ASUS System Control Interface, and ASUS Business Manager allows a local a
CVSS
—
No CVSS
EPSS
0.1%
p2
KEV
—
Exploit Today
1
0-100
Published: Jul 15, 2026 · Last modified: Jul 15, 2026 · CWE-822
0.1%EPSS · 30 days0.1%
2026-07-152026-07-16
Untrusted Pointer Dereference in ASUS System Control Interface v3, ASUS System Control Interface, and ASUS Business Manager allows a local administrator to perform arbitrary physical memory read and write operations via crafted IOCTL requests to the driver, bypassing OS-enforced memory protections. Refer to the ' Security Update for ASUS System Control Interface ' section on the ASUS Security Advisory for more information.
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2026-504247.5 HIG53.5%
——16Untrusted pointer dereference in Windows Domain Controller allows an unauthorized attacker to deny service over a network.2dCVE-2026-585968.3 HIG36.4%
——11Untrusted pointer dereference in Microsoft Edge (Chromium-based) allows an unauthorized attacker to elevate privileges over a network.3dCVE-2026-485805.5 MED36.2%
——11Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.1dCVE-2026-456457.8 HIG29.4%
——9Untrusted pointer dereference in Microsoft Office allows an unauthorized attacker to execute code locally.8dCVE-2026-551385.5 MED26.7%
——8Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.2dCVE-2026-504797.8 HIG23.9%
——7Untrusted pointer dereference in Windows USB Hub Driver allows an authorized attacker to elevate privileges locally.2h