CVE-2025-3464
- EPSS 0.03%
- Published 16.06.2025 09:06:23
- Last modified 17.06.2025 01:15:22
A race condition vulnerability exists in Armoury Crate. This vulnerability arises from a Time-of-check Time-of-use issue, potentially leading to authentication bypass. Refer to the 'Security Update for Armoury Crate App' section on the ASUS Security ...
CVE-2025-1533
- EPSS 0.03%
- Published 12.05.2025 09:28:12
- Last modified 12.05.2025 17:32:32
A stack buffer overflow has been identified in the AsIO3.sys driver. This vulnerability can be triggered by input manipulation, may leading to a system crash (BSOD) or other potentially undefined execution. Refer to the 'Security Update for Armoury C...
CVE-2024-12957
- EPSS 0.04%
- Published 23.01.2025 10:15:06
- Last modified 23.01.2025 10:15:06
A file handling command vulnerability in certain versions of Armoury Crate may result in arbitrary file deletion. Refer to the '01/23/2025 Security Update for Armoury Crate App' section on the ASUS Security Advisory for more information.
CVE-2023-5716
- EPSS 1.72%
- Published 19.01.2024 04:15:09
- Last modified 21.11.2024 08:42:20
ASUS Armoury Crate has a vulnerability in arbitrary file write and allows remote attackers to access or modify arbitrary files by sending specific HTTP requests without permission.
CVE-2023-26911
- EPSS 0.02%
- Published 26.07.2023 14:15:10
- Last modified 21.11.2024 07:52:02
ASUS SetupAsusServices v1.0.5.1 in Asus Armoury Crate v5.3.4.0 contains an unquoted service path vulnerability which allows local users to launch processes with elevated privileges.
CVE-2022-42455
- EPSS 0.03%
- Published 15.02.2023 21:15:10
- Last modified 19.03.2025 18:15:17
ASUS EC Tool driver (aka d.sys) 1beb15c90dcf7a5234ed077833a0a3e900969b60be1d04fcebce0a9f8994bdbb, as signed by ASUS and shipped with multiple ASUS software products, contains multiple IOCTL handlers that provide raw read and write access to port I/O ...