heise PlusAbo
Anzeige

Security problem: Hard-coded access data jeopardizes PCs with MyASUS

Attackers can attack the MyASUS service tool and influence certain services. Security updates are available.

listen Print view

(Image: AFANASEV IVAN/Shutterstock.com)

1 min. read
Security
By

The MyASUS app can become a gateway for attackers. Two security vulnerabilities are to blame, but these have now been closed. If you do not update the tool, you risk unauthorized access to certain services.

Protect systems from possible attacks

This is the result of a warning message from the computer manufacturer. The two vulnerabilities (CVE-2025-4569 “high”, CVE-2025-4579 “medium”) affect the manufacturer's computers from the all-in-one PC, desktop, NUC, and laptop ranges.

Videos by heise

Attacks can take place because of hard-coded access data in the form of a token. Equipped with this token, attackers can access certain unspecified services. The developers claim to have solved the security problems in versions 4.0.36.0 (x64) and 4.2.35.0 (ARM). It is currently not known whether there are already attacks.

(des)

Don't miss any news – follow us on Facebook, LinkedIn or Mastodon.

This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.

Beliebte Bestenlisten

Alle Angebote
Newsletter heise-Bot heise-Bot Push Nachrichten Push Push-Nachrichten