CVE-2026-8920
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
Improper Restriction of Communication Channel to Intended Endpoints and External Control of File Name or Path in Aura Wallpaper Service allow a local user to perform file operations by sending crafted commands containing an arbitrary file path and bypassing the service’s path restrictions . On specific models , this can also cause a single feature to become unavailable . Refer to the ' Security Update for Aura Wallpaper Service ' section on the ASUS Security Advisory for more information.
| CWE | CWE-923 CWE-73 |
| Vendor | asus |
| Product | aura wallpaper service |
| Published | Jul 15, 2026 |
| Last Updated | Jul 15, 2026 |
Stay Ahead of the Next One
Get instant alerts for asus aura wallpaper service
Be the first to know when new unknown vulnerabilities affecting asus aura wallpaper service are published — delivered to Slack, Telegram or Discord.
Get Free Alerts →
Free · No credit card · 60 sec setup
Affected Versions
ASUS / Aura Wallpaper Service
v2.1.8.0 ≤ v2.1.15.0