- How many CVEs does Asus have?
- Asus has 347 published CVE records since 2005, including 56 in the last two years.
- How many Asus CVEs are in CISA KEV?
- Yes — 3 of Asus's CVEs are listed in CISA's Known Exploited Vulnerabilities catalog, confirmed exploited in the wild and carrying a CISA remediation deadline.
- Which Asus products have the most CVEs?
- The Asus products with the most published CVEs are RT-AC86U, RT-AC68U, rt-ac86u_firmware, asmb8-ikvm firmware, asmb8-ikvm.
- What are the most common weakness types in Asus CVEs?
- Asus's CVEs most often map to these CWE weakness types: CWE-120 (Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')), CWE-78 (Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')), CWE-22 (Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')), CWE-782 (Exposed IOCTL with Insufficient Access Control).
- Are there public exploits for Asus vulnerabilities?
- Yes — 63 of Asus's CVEs have a known public exploit.
- How many critical Asus vulnerabilities are there?
- Asus has 59 critical and 164 high-severity CVEs.
- What is the average severity of Asus CVEs?
- The average CVSS base score across Asus's scored CVEs is 7.4.