Asus

Armoury Crate

11 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.8

CVE-2025-11775

  • EPSS 0.02%
  • Veröffentlicht 17.12.2025 04:25:54
  • Zuletzt bearbeitet 18.12.2025 15:08:06

An out-of-bounds read vulnerability has been identified in the asComSvc service. This vulnerability can be triggered by sending specially crafted requests, which may lead to a service crash or partial loss of functionality. This vulnerability only af...

7.3

CVE-2025-9338

  • EPSS 0.02%
  • Veröffentlicht 06.11.2025 06:15:44
  • Zuletzt bearbeitet 06.11.2025 19:45:09

A improper restriction of operations within the bounds of a memory buffer exists in AsIO3.sys driver. This vulnerability can be triggered by manually executing a specially crafted process, potentially leading to local privilage escalation. For additi...

6.8

CVE-2025-9337

  • EPSS 0.02%
  • Veröffentlicht 13.10.2025 09:24:35
  • Zuletzt bearbeitet 14.10.2025 19:36:29

A null pointer dereference has been identified in the AsIO3.sys driver. The vulnerability can be triggered by a specially crafted input, which may lead to a system crash (BSOD). Refer to the 'Security Update for Armoury Crate App' section on the ASUS...

6.8

CVE-2025-9336

  • EPSS 0.02%
  • Veröffentlicht 13.10.2025 09:24:04
  • Zuletzt bearbeitet 14.10.2025 19:36:29

A stack buffer overflow has been identified in the AsIO3.sys driver. This vulnerability can be triggered by input manipulation, may leading to a system crash (BSOD) or other potentially undefined execution. Refer to the 'Security Update for Armoury ...

8.5

CVE-2025-9968

  • EPSS 0.03%
  • Veröffentlicht 13.10.2025 08:13:33
  • Zuletzt bearbeitet 14.10.2025 19:36:29

A link following vulnerability exists in the UnifyScanner component of Armoury Crate. This vulnerability may be triggered by creating a specially crafted junction, potentially leading to local privilege escalation. For more information, please refer ...

8.4

CVE-2025-3464

  • EPSS 0.03%
  • Veröffentlicht 16.06.2025 09:06:23
  • Zuletzt bearbeitet 17.06.2025 01:15:22

A race condition vulnerability exists in Armoury Crate. This vulnerability arises from a Time-of-check Time-of-use issue, potentially leading to authentication bypass. Refer to the 'Security Update for Armoury Crate App' section on the ASUS Security ...

8.2

CVE-2025-1533

  • EPSS 0.03%
  • Veröffentlicht 12.05.2025 09:28:12
  • Zuletzt bearbeitet 12.05.2025 17:32:32

A stack buffer overflow has been identified in the AsIO3.sys driver. This vulnerability can be triggered by input manipulation, may leading to a system crash (BSOD) or other potentially undefined execution. Refer to the 'Security Update for Armoury C...

8.4

CVE-2024-12957

  • EPSS 0.04%
  • Veröffentlicht 23.01.2025 10:15:06
  • Zuletzt bearbeitet 23.01.2025 10:15:06

A file handling command vulnerability in certain versions of Armoury Crate may result in arbitrary file deletion. Refer to the '01/23/2025 Security Update for Armoury Crate App' section on the ASUS Security Advisory for more information.

9.8

CVE-2023-5716

  • EPSS 0.89%
  • Veröffentlicht 19.01.2024 04:15:09
  • Zuletzt bearbeitet 21.11.2024 08:42:20

ASUS Armoury Crate has a vulnerability in arbitrary file write and allows remote attackers to access or modify arbitrary files by sending specific HTTP requests without permission.

7.8

CVE-2023-26911

  • EPSS 0.02%
  • Veröffentlicht 26.07.2023 14:15:10
  • Zuletzt bearbeitet 21.11.2024 07:52:02

ASUS SetupAsusServices v1.0.5.1 in Asus Armoury Crate v5.3.4.0 contains an unquoted service path vulnerability which allows local users to launch processes with elevated privileges.