ASUS has discontinued the File Shredder feature in its Business Manager software following the discovery of a critical security vulnerability, CVE-2025-13348.
The company issued a security bulletin on February 2, 2026, addressing a flaw affecting ASUS Business Manager version 3.0.36.0 and earlier releases.
Rather than patching the vulnerability through conventional updates, ASUS opted to remove the File Shredder functionality from Business Manager completely.
This decision indicates the severity of the security flaw and potential exploitation risks associated with maintaining the feature. The company has released updated versions that no longer include File Shredder capabilities.
| Attribute | Details |
|---|---|
| CVE ID | CVE-2025-13348 |
| Affected Product | ASUS Business Manager |
| Affected Versions | 3.0.36.0 and earlier |
| Vulnerability Type | Critical Security Flaw |
ASUS maintains active participation in vulnerability disclosure programs as a CVE Numbering Authority (CNA) partner and a member of the Forum of Incident Response and Security Teams (FIRST).
The company follows Coordinated Vulnerability Disclosure (CVD) best practices and adheres to ISO 29147:2018 and ISO 30111:2019 standa-rds for vulnerability management.
Organizations and individuals using ASUS Business Manager should immediately update to versions newer than 3.0.36.0.
Users can verify their current version and download security patches through the official ASUS Security Advisory Portal at www.asus.com/securityadvisory.
This vulnerability disclosure is part of ASUS’s ongoing security update cycle. The company has published 89 security advisories addressing various products, including MyASUS, router firmware, Armoury Crate, and UEFI firmware, throughout 2025 and early 2026.
ASUS encourages users to keep software and firmware up to date across all products to ensure continued security protection.
Follow us on Google News, LinkedIn, and X to Get Instant Updates and Set GBH as a Preferred Source in Google.