
Asus patches RCE flaw in DriverHub


Asus has released software updates to patch two security vulnerabilities affecting its DriverHub tool. If exploited, the bugs allowed an attacker to abuse DriverHub to run arbitrary code on a target’s system remotely.

The identified vulnerabilities include CVE-2025-3462 and CVE-2025-3463 with CVSS scores of 8.4 and 9.4, respectively. Both bugs allow unauthorised sources to interact with the software’s features via maliciously crafted HTTP requests.

The DriverHub tool is used to install the relevant motherboard drivers based on automatic detection of the motherboard model. It’s a rather important system utility, one that ensures users can get updated drivers for their hardware with ease instead of digging around with part and version numbers.

MrBruh, the security researcher who discovered the vulnerabilities, explains that the attack chain begins with running the DriverHub setup file with the -s flag, which performs a silent install of the program.


However, during this silent installation, the setup will execute whatever command is in a SilentInstallRun INI file. By default, the file includes a command-line script to run an automatic, headless installation, but the script can be replaced with anything.

This meant hackers could host malicious versions of the program with their custom SilentInstallRun files and include whatever malicious payload they wanted to run on the target’s system. Asus was notified of the vulnerabilities on April 8, 2025, and patched them in an update issued on May 9. There’s no evidence at the time of writing of the vulnerabilities being exploited in the wild.

That said, Asus’ patch doesn’t mean all users are safe. Hackers can still use fake domains or typosquatting to trick users into downloading older versions of the program and affect their systems. For everyone already using DriverHub, updating to the latest version should resolve the issue.
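For defenders triaging a downloaded installer package, the following added example (not code from Asus or the researcher) reports every SilentInstallRun command found in an installer's INI text and flags any that is not on an approved list. Treating SilentInstallRun as a key inside an INI file, the section name, the sample contents and the approved command are all constructed assumptions.

```python
import re

# Key name taken from the article; treating it as a key inside an INI file
# is an assumption of this example.
KEY = "silentinstallrun"
KEY_VALUE = re.compile(r"^\s*([^=;#\[\]]+?)\s*=\s*(.*?)\s*$")


def find_silent_run(ini_text):
    """Return [(section, command)] for every SilentInstallRun entry.

    A hand-rolled line scan is used so that files with no section header
    or with duplicate keys are still inspected instead of rejected.
    """
    section, hits = "", []
    for raw in ini_text.splitlines():
        line = raw.strip()
        if not line or line[0] in ";#":          # blank line or comment
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip()
            continue
        m = KEY_VALUE.match(line)
        if m and m.group(1).lower() == KEY:      # key match is case-insensitive
            hits.append((section, m.group(2).strip('"')))
    return hits


def audit(ini_text, approved):
    """Return [(section, command, is_approved)]; approval is an exact match."""
    normal = {c.lower() for c in approved}
    return [(s, c, c.lower() in normal) for s, c in find_silent_run(ini_text)]


# Constructed samples: hypothetical file contents and approved command.
APPROVED = {"install_silent.cmd"}
SAMPLE_OK = "[InstallInfo]\nSilentInstallRun=install_silent.cmd\n"
SAMPLE_BAD = '; repackaged\n[InstallInfo]\nsilentinstallrun = "other_program.exe"\n'

if __name__ == "__main__":
    for name, text in (("ok", SAMPLE_OK), ("bad", SAMPLE_BAD)):
        for section, command, is_ok in audit(text, APPROVED):
            verdict = "approved" if is_ok else "UNEXPECTED"
            print(f"{name}: [{section}] {command!r} -> {verdict}")
```
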


Yadullah Abidi


Yadullah is a Computer Science graduate who writes/edits/shoots/codes all things cybersecurity, gaming, and tech hardware. When he's not, he streams himself racing virtual cars. He's been writing and reporting on tech and cybersecurity with websites like Candid.Technology and MakeUseOf since 2018. You can contact him here: yadullahabidi@pm.me.
