diff --git a/htdocs/asset/card.php b/htdocs/asset/card.php
index 8a6cb9b5e94..6c017d6e765 100644
--- a/htdocs/asset/card.php
+++ b/htdocs/asset/card.php
@@ -65,6 +65,9 @@ if (empty($action) && empty($id) && empty($ref)) $action = 'view';
 // Load object
 include DOL_DOCUMENT_ROOT.'/core/actions_fetchobject.inc.php'; // Must be include, not include_once.
+// Security check
+if (!empty($user->socid)) $socid = $user->socid;
+$result = restrictedArea($user, 'asset', $id);
 $permissiontoread = $user->rights->asset->read;
 $permissiontoadd = $user->rights->asset->write; // Used by the include of actions_addupdatedelete.inc.php and actions_lineupdown.inc.php
diff --git a/htdocs/asset/document.php b/htdocs/asset/document.php
index d2890ea5b19..b43ec8d40cf 100644
--- a/htdocs/asset/document.php
+++ b/htdocs/asset/document.php
@@ -68,6 +68,10 @@ $extrafields->fetch_name_optionals_label($object->table_element);
 // Load object
 include DOL_DOCUMENT_ROOT.'/core/actions_fetchobject.inc.php'; // Must be include, not include_once // Must be include, not include_once. Include fetch and fetch_thirdparty but not fetch_optionals
+// Security check
+if (!empty($user->socid)) $socid = $user->socid;
+$result = restrictedArea($user, 'asset', $id);
+
 //if ($id > 0 || ! empty($ref)) $upload_dir = $conf->sellyoursaas->multidir_output[$object->entity] . "/packages/" . dol_sanitizeFileName($object->id);
 if ($id > 0 || !empty($ref)) $upload_dir = $conf->sellyoursaas->multidir_output[$object->entity]."/packages/".dol_sanitizeFileName($object->ref);
diff --git a/htdocs/asset/info.php b/htdocs/asset/info.php
index 2654ebc2d81..801a7c85b36 100644
--- a/htdocs/asset/info.php
+++ b/htdocs/asset/info.php
@@ -35,15 +35,17 @@ $action = GETPOST('action', 'aZ09');
 // Security check
 if ($user->socid) $socid = $user->socid;
-$result = restrictedArea($user, 'asset', $id, '');
+$result = restrictedArea($user, 'asset', $id);
 $object = new Asset($db);
 $object->fetch($id);
+
 /*
 * Actions
 */
+// None
 /*
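Review bot: The added `restrictedArea($user, 'asset', $id)` in card.php passes the raw request `$id`, but the hunk's heading line shows the page can also be reached through `$ref`, in which case `$id` may be empty and, assuming the third argument drives the per-object check, only the module-level right is verified. Because the call sits after the `actions_fetchobject.inc.php` include, `$result = restrictedArea($user, 'asset', $object->id);` would cover both lookups, provided that include has populated `$object`. The document.php and note.php hunks add the same call next to `$id > 0 || !empty($ref)` and need the same change. The `$socid` assigned on the line above is neither passed to the call nor used in the visible lines, so it is worth confirming that the external-user restriction is actually enforced somewhere.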
diff --git a/htdocs/asset/list.php b/htdocs/asset/list.php
index 975551968b4..57a2ee4caba 100644
--- a/htdocs/asset/list.php
+++ b/htdocs/asset/list.php
@@ -73,12 +73,15 @@ if (!$sortorder) $sortorder = "ASC";
 // Security check
 $socid = 0;
+if ($user->socid) $socid = $user->socid;
 if ($user->socid > 0) // Protection if external user
 {
 //$socid = $user->socid;
 accessforbidden();
 }
-//$result = restrictedArea($user, 'asset', $id,'');
+// Security check
+$result = restrictedArea($user, 'asset', $id, '');
+
 // Initialize array of search criterias
 $search_all = GETPOST("search_all", 'alpha');
diff --git a/htdocs/asset/note.php b/htdocs/asset/note.php
index 8df2a7a5452..f19249ce1d2 100644
--- a/htdocs/asset/note.php
+++ b/htdocs/asset/note.php
@@ -54,6 +54,10 @@ $extrafields->fetch_name_optionals_label($object->table_element);
 include DOL_DOCUMENT_ROOT.'/core/actions_fetchobject.inc.php'; // Must be include, not include_once // Must be include, not include_once. Include fetch and fetch_thirdparty but not fetch_optionals
 if ($id > 0 || !empty($ref)) $upload_dir = $conf->asset->multidir_output[$object->entity]."/".$object->id;
+// Security check
+if (!empty($user->socid)) $socid = $user->socid;
+$result = restrictedArea($user, 'asset', $id);
+
 $permissionnote = 1;
 //$permissionnote=$user->rights->asset->creer; // Used by the include of actions_setnotes.inc.php
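Review bot: The new `if ($user->socid) $socid = $user->socid;` in list.php has no visible effect, because the unchanged block directly below calls `accessforbidden()` for every user with `socid > 0`; the two lines should be reconciled so it is clear whether external users are refused or filtered. The added `restrictedArea($user, 'asset', $id, '')` passes `$id`, which is not set anywhere in the visible hunk and has no obvious meaning on a list page, and it keeps the empty fourth argument that the info.php hunk of this same commit removes. `$result = restrictedArea($user, 'asset', 0);` would state the module-level check explicitly and match the other files. The second `// Security check` comment duplicates the one at the top of the block.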
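Review bot: The check added in note.php gates access to the page, but the unchanged `$permissionnote = 1;` right below it still grants note editing to every user who gets through, whatever their asset rights. If the included actions_setnotes.inc.php relies on that variable, as the trailing comment says, it should be tied to the write right the way card.php does for `$permissiontoadd`: `$permissionnote = $user->rights->asset->write;`. The rest of the file is outside the hunk, so confirm that nothing later overrides the variable.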