What is the ASUS CNA?
ASUS is a CVE Numbering Authority (CNA) — an organization authorized to assign CVE IDs to vulnerabilities in its scope. It has published 32 CVE records since 2024.
How many CVEs has ASUS published?
ASUS has published 32 CVE records, including 32 in the last two years.
What is ASUS's CVE data quality grade?
RadicalNotion.AI grades ASUS's CVE data quality as A, with an overall completeness score of 100%. This reflects how consistently its CVE records include vendor (100%), product (100%), CVSS (100%), and CWE (100%) information.
What products does ASUS publish CVEs for?
ASUS most frequently publishes CVEs for Router, Armoury Crate, MyASUS, DriverHub, ASUS Business System Control Interface.
Which vendors does ASUS cover?
ASUS publishes CVEs across 1 distinct vendors, most often ASUS.
Is ASUS actively publishing CVEs?
ASUS is currently active, based on 32 CVEs in the last two years.
What is the average severity of ASUS's CVEs?
The average CVSS base score across ASUS's scored CVEs is 7.5.
How many critical CVEs has ASUS published?
ASUS has published 5 critical-severity CVEs and 19 high-severity CVEs.
Are any of ASUS's CVEs in CISA's Known Exploited Vulnerabilities catalog?
Yes. 1 of ASUS's CVEs are listed in CISA's Known Exploited Vulnerabilities (KEV) catalog, meaning they are confirmed to be exploited in the wild.
What are the most common weakness types in ASUS's CVEs?
ASUS's CVEs most often map to these CWE weakness types: CWE-732 (Incorrect Permission Assignment for Critical Resource), CWE-125 (Out-of-bounds Read), CWE-121 (Stack-based Buffer Overflow), CWE-78 (Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')).
How does ASUS rank among CNAs?
By total CVE volume, ASUS ranks #213 of 370 CNAs, and it reports more complete CVE records than 60% of all CNAs.
