After a critical security flaw, CVE-2025-13348, was discovered, ASUS removed the File Shredder feature from its Business Manager software This article explores shredder functionality patch. . On February 2, 2026, the company released a security bulletin to fix a bug that affected ASUS Business Manager versions 3.0.36.0 and lower.

ASUS chose to completely remove the File Shredder functionality rather than patch the vulnerability with traditional updates, demonstrating the seriousness of the security flaw and the possible exploitation risks connected with keeping the feature in place. Details of Vulnerabilities and Their Effects The seriousness of this vulnerability is demonstrated by the choice to stop using File Shredder rather than provide a patch. In order to prevent users from taking advantage of the vulnerability through this outdated feature, ASUS has released updated versions that no longer have the File Shredder capabilities.

Despite being extreme, this strategy removes the attack vector and guards against potential abuse by threat actors. Since the vulnerability impacts several Business Manager versions, it is a widespread problem that needs to be fixed right away. To make sure they are no longer vulnerable to this serious issue, businesses and individuals utilizing ASUS Business Manager should update right away to versions higher than 3.0.36.0.

The official ASUS Security Advisory Portal, located at www.asus.com/securityadvisory, allows users to download security patches and confirm their current version. Maintaining system security and averting possible compromise via the exploited functionality require this preventative action.

Details of the Attribute CVE ID CVE-2025-13348 Product Vulnerability Affected Versions 3.0.36.0 and Previous ASUS Business Manager Versions Critical Security Type As a member of the Forum of Incident Response and Security Teams (FIRST) and a partner of the CVE Numbering Authority (CNA), Flaw ASUS continues to actively participate in vulnerability disclosure initiatives. The organization complies with ISO 29147:2018 and ISO 30111:2019 standards for vulnerability management and Coordinated Vulnerability Disclosure (CVD) best practices. These pledges show ASUS's commitment to ethical security procedures and open dialogue with customers about possible risks.

ASUS's continuous security update cycle includes the disclosure of this vulnerability. Throughout 2025 and the first part of 2026, the company released 89 security advisories that addressed a variety of products, such as MyASUS, router firmware, Armoury Crate, and UEFI firmware.

This regularity of security updates emphasizes how threats are constantly changing and how crucial it is to keep all deployed systems running the most recent software versions. To guarantee ongoing security protection, ASUS advises users to keep firmware and software updated on all of its products. Updating impacted systems and confirming that File Shredder functionality is no longer present in their current installations should be the top priorities for system administrators overseeing ASUS Business Manager deployments.

Prior to patching, security teams should also determine whether this vulnerability was exploited in their environments by identifying suspicious activity using log analysis and endpoint detection and response (EDR) tools. In order to preserve secure data deletion capabilities, alternative solutions should be assessed and implemented for organizations that depend on file shredding functionality.

Users should also frequently check ASUS security advisories to stay up to date on new threats that could affect their systems.