CVE-2025-6398

A null pointer dereference vulnerability exists in the IOMap64.sys driver of ASUS AI Suite 3. The vulnerability can be triggered by a specially crafted input, which may lead to a system crash (BSOD). Refer to the ' Security Update for for AI Suite 3 ' section on the ASUS Security Advisory for more information.

CVSS

No CVSS.

References

Link	Resource
https://www.asus.com/content/security-advisory/

Configurations

No configuration.

History

04 Aug 2025, 15:06

Type	Values Removed	Values Added
Summary		(es) Existe una vulnerabilidad de desreferencia de puntero nulo en el controlador IOMap64.sys de ASUS AI Suite 3. Esta vulnerabilidad puede ser activada por una entrada especialmente manipulada, lo que puede provocar un bloqueo del sistema (BSOD). Consulte la sección "Actualización de seguridad para AI Suite 3" en el Aviso de seguridad de ASUS para obtener más información.

01 Aug 2025, 09:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-08-01 09:15

Updated : 2025-08-04 15:06

NVD link : CVE-2025-6398

Mitre link : CVE-2025-6398

CVE.ORG link : CVE-2025-6398

JSON object : View

Products Affected

No product.

CWE

CWE-476

NULL Pointer Dereference

{"id": "CVE-2025-6398", "cveTags": [], "metrics": {"cvssMetricV40": [{"type": "Secondary", "source": "54bf65a7-a193-42d2-b1ba-8e150d3c35e1", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 6.7, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "HIGH", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-08-01T09:15:33.450", "references": [{"url": "https://www.asus.com/content/security-advisory/", "source": "54bf65a7-a193-42d2-b1ba-8e150d3c35e1"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "54bf65a7-a193-42d2-b1ba-8e150d3c35e1", "description": [{"lang": "en", "value": "CWE-476"}]}], "descriptions": [{"lang": "en", "value": "A null pointer dereference vulnerability exists in the IOMap64.sys driver of ASUS AI Suite 3. The vulnerability can be triggered by a specially crafted input, which may lead to a system crash (BSOD). Refer to the '\n\nSecurity Update for for AI Suite 3\n\n' section on the ASUS Security Advisory for more information."}, {"lang": "es", "value": "Existe una vulnerabilidad de desreferencia de puntero nulo en el controlador IOMap64.sys de ASUS AI Suite 3. Esta vulnerabilidad puede ser activada por una entrada especialmente manipulada, lo que puede provocar un bloqueo del sistema (BSOD). Consulte la secci\u00f3n \"Actualizaci\u00f3n de seguridad para AI Suite 3\" en el Aviso de seguridad de ASUS para obtener m\u00e1s informaci\u00f3n."}], "lastModified": "2025-08-04T15:06:15.833", "sourceIdentifier": "54bf65a7-a193-42d2-b1ba-8e150d3c35e1"}