{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-1878", "assignerOrgId": "54bf65a7-a193-42d2-b1ba-8e150d3c35e1", "state": "PUBLISHED", "assignerShortName": "ASUS", "dateReserved": "2026-02-04T07:15:59.413Z", "datePublished": "2026-03-12T02:02:52.716Z", "dateUpdated": "2026-03-13T03:55:39.102Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "54bf65a7-a193-42d2-b1ba-8e150d3c35e1", "shortName": "ASUS", "dateUpdated": "2026-03-12T02:02:52.716Z"}, "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-494", "description": "CWE-494 Download of Code Without Integrity Check", "type": "CWE"}]}], "affected": [{"vendor": "ASUS", "product": "Driver( Keyboard & Mouse )", "versions": [{"status": "affected", "version": "0", "lessThan": "1.0.66.0", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"vendor": "ASUS", "product": "Driver( Headset )", "versions": [{"status": "affected", "version": "0", "lessThan": "1.0.12.0", "versionType": "custom"}], "defaultStatus": "unaffected"}], "cpeApplicability": [{"operator": "OR", "nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:asus:driver_keyboard_mouse_:*:*:*:*:*:*:*:*", "versionStartIncluding": "0", "versionEndExcluding": "1.0.66.0"}]}, {"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:asus:driver_headset_:*:*:*:*:*:*:*:*", "versionStartIncluding": "0", "versionEndExcluding": "1.0.12.0"}]}]}], "descriptions": [{"lang": "en", "value": "An Insufficient Integrity Verification vulnerability in the ASUS ROG peripheral driver installation process allows privilege escalation to SYSTEM. The vulnerability is due to improper access control on the installation directory, which enables the exploitation of a race condition where the legitimate installer is substituted with an unexpected payload immediately after download, resulting in arbitrary code execution.\u00a0Refer to the \"Security Update for ASUS ROG peripheral driver\" section on the ASUS Security Advisory for more information.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "An Insufficient Integrity Verification vulnerability in the ASUS ROG peripheral driver installation process allows privilege escalation to SYSTEM. The vulnerability is due to improper access control on the installation directory, which enables the exploitation of a race condition where the legitimate installer is substituted with an unexpected payload immediately after download, resulting in arbitrary code execution.&nbsp;<span>Refer to the \"</span><span>Security Update for ASUS ROG peripheral driver</span><span>\" section on the ASUS Security Advisory for more information.</span>"}]}], "references": [{"url": "https://www.asus.com/security-advisory/"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV4_0": {"attackVector": "LOCAL", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "LOW", "userInteraction": "PASSIVE", "vulnConfidentialityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subIntegrityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "version": "4.0", "baseSeverity": "MEDIUM", "baseScore": 5.4, "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"}}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 0.5.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-12T00:00:00+00:00", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3", "id": "CVE-2026-1878"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-13T03:55:39.102Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-1878", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-12T13:14:46.575261Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-12T13:14:49.518Z"}}], "cna": {"source": {"discovery": "UNKNOWN"}, "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 5.4, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "PASSIVE", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "ASUS", "product": "Driver( Keyboard & Mouse )", "versions": [{"status": "affected", "version": "0", "lessThan": "1.0.66.0", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"vendor": "ASUS", "product": "Driver( Headset )", "versions": [{"status": "affected", "version": "0", "lessThan": "1.0.12.0", "versionType": "custom"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://www.asus.com/security-advisory/"}], "x_generator": {"engine": "Vulnogram 0.5.0"}, "descriptions": [{"lang": "en", "value": "An Insufficient Integrity Verification vulnerability in the ASUS ROG peripheral driver installation process allows privilege escalation to SYSTEM. The vulnerability is due to improper access control on the installation directory, which enables the exploitation of a race condition where the legitimate installer is substituted with an unexpected payload immediately after download, resulting in arbitrary code execution.\u00a0Refer to the \"Security Update for ASUS ROG peripheral driver\" section on the ASUS Security Advisory for more information.", "supportingMedia": [{"type": "text/html", "value": "An Insufficient Integrity Verification vulnerability in the ASUS ROG peripheral driver installation process allows privilege escalation to SYSTEM. The vulnerability is due to improper access control on the installation directory, which enables the exploitation of a race condition where the legitimate installer is substituted with an unexpected payload immediately after download, resulting in arbitrary code execution.&nbsp;<span>Refer to the \"</span><span>Security Update for ASUS ROG peripheral driver</span><span>\" section on the ASUS Security Advisory for more information.</span>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-494", "description": "CWE-494 Download of Code Without Integrity Check"}]}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:asus:driver_keyboard_mouse_:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "1.0.66.0", "versionStartIncluding": "0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:asus:driver_headset_:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "1.0.12.0", "versionStartIncluding": "0"}], "operator": "OR"}], "operator": "OR"}], "providerMetadata": {"orgId": "54bf65a7-a193-42d2-b1ba-8e150d3c35e1", "shortName": "ASUS", "dateUpdated": "2026-03-12T02:02:52.716Z"}}}, "cveMetadata": {"cveId": "CVE-2026-1878", "state": "PUBLISHED", "dateUpdated": "2026-03-13T03:55:39.102Z", "dateReserved": "2026-02-04T07:15:59.413Z", "assignerOrgId": "54bf65a7-a193-42d2-b1ba-8e150d3c35e1", "datePublished": "2026-03-12T02:02:52.716Z", "assignerShortName": "ASUS"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "An Insufficient Integrity Verification vulnerability in the ASUS ROG peripheral driver installation process allows privilege escalation to SYSTEM. The vulnerability is due to improper access control on the installation directory, which enables the exploitation of a race condition where the legitimate installer is substituted with an unexpected payload immediately after download, resulting in arbitrary code execution.\u00a0Refer to the \"Security Update for ASUS ROG peripheral driver\" section on the ASUS Security Advisory for more information."}, {"lang": "es", "value": "Una vulnerabilidad de Verificaci\u00f3n de Integridad Insuficiente en el proceso de instalaci\u00f3n del controlador de perif\u00e9ricos ASUS ROG permite la escalada de privilegios a SYSTEM. La vulnerabilidad se debe a un control de acceso inadecuado en el directorio de instalaci\u00f3n, lo que permite la explotaci\u00f3n de una condici\u00f3n de carrera donde el instalador leg\u00edtimo es sustituido por una carga \u00fatil inesperada inmediatamente despu\u00e9s de la descarga, lo que resulta en la ejecuci\u00f3n de c\u00f3digo arbitrario. Consulte la secci\u00f3n 'Actualizaci\u00f3n de seguridad para el controlador de perif\u00e9ricos ASUS ROG' en el Aviso de Seguridad de ASUS para m\u00e1s informaci\u00f3n."}], "id": "CVE-2026-1878", "lastModified": "2026-03-12T21:07:53.427", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "PASSIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "54bf65a7-a193-42d2-b1ba-8e150d3c35e1", "type": "Secondary"}]}, "published": "2026-03-12T03:15:57.570", "references": [{"source": "54bf65a7-a193-42d2-b1ba-8e150d3c35e1", "url": "https://www.asus.com/security-advisory/"}], "sourceIdentifier": "54bf65a7-a193-42d2-b1ba-8e150d3c35e1", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-494"}], "source": "54bf65a7-a193-42d2-b1ba-8e150d3c35e1", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,1.0.12.0)"}}], "enrichment": {"confidence": 95.0, "confidence_source": "inferred", "scores": [{"score": 95.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Driver( Headset )", "source": "cna", "vendor": "ASUS"}, "product": "driver_headset_", "vendor": "asus"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,1.0.66.0)"}}], "enrichment": {"confidence": 95.0, "confidence_source": "inferred", "scores": [{"score": 95.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Driver( Keyboard & Mouse )", "source": "cna", "vendor": "ASUS"}, "product": "driver_keyboard_mouse_", "vendor": "asus"}], "analysis": {"en": {"generated_at": "2026-03-18T14:46:15.209555+00:00", "value": {"mitigation_remediation": ["Apply the official ASUS security update for ROG peripheral drivers as described in the ASUS Security Advisory.", "Restrict write permissions on the driver installation directory to SYSTEM only to prevent unauthorized installer substitution.", "Verify the integrity of downloaded installer packages by checking digital signatures or checksums before installation."], "summary": {"action": "Apply Patch", "impact": "Privilege Escalation"}, "threat_synthesis": {"affected_systems": "Affected systems are ASUS ROG peripheral drivers for headset, keyboard, and mouse devices. The CVE data does not list specific vulnerable versions, so all publicly released drivers prior to the security update are potentially susceptible.", "description_and_impact": "The vulnerability is an insufficient integrity verification in the installation process of ASUS ROG peripheral drivers. Improper access control on the driver installation directory creates a race condition that allows a local user to replace the legitimate installer with malicious code immediately after download. Targeting this flaw can lead to arbitrary code execution and privilege escalation to SYSTEM, compromising system integrity and any data handled by the affected components. This weakness is related to CWE\u2011494.", "risk_and_exploitability": "The stated CVSS base score is 5.4, indicating moderate severity. The EPSS score is below 1%, suggesting a low likelihood of current exploitation. The vulnerability is not listed in the CISA KEV catalog. Based on the description it is inferred that the attack vector requires local file system write access to the installer directory, so a local attacker with user privileges can trigger the race condition. If the exploit is successfully triggered, the attacker can execute arbitrary code with SYSTEM privileges."}}}}, "created": "2026-03-13T09:53:45.251078+00:00", "title": "Privilege Escalation via Untrusted Installer Substitution in ASUS ROG Peripheral Driver", "updated": "2026-03-20T15:36:13.798411+00:00", "vendors": ["asus", "asus$PRODUCT$driver_headset_", "asus$PRODUCT$driver_keyboard_mouse_"]}