Asus on Monday introduced patches for a high-severity vulnerability within the Armoury Crate administration software program that might result in full system compromise.
Tracked as CVE-2025-3464 (CVSS rating of 8.8), the bug is described as an authorization bypass rooted in a Time-of-check Time-of-use subject.
In line with Cisco Talos, which recognized the flaw, an attacker can set off the safety defect by making a crafted onerous hyperlink and bypass authorization to an Armoury Crate-specific driver.
A centralized software, Armoury Crate is used for the administration of {hardware} elements and peripherals, providing numerous system configuration, driver and firmware replace, RGB illumination, and system efficiency capabilities.
CVE-2025-3464 is said to the AsIO3.sys digital driver that Armoury Crate makes use of for sure performance, and the Asusgio3 system the driving force creates.
For cover functions, entry to the driving force is proscribed to the AsusCertService.exe and processes whose PIDs are added by it, and an identical SHA-256 hash.
Nevertheless, Talos found that an attacker may create a tough hyperlink pointing to an executable in the identical listing as AsusCertService.exe, which leads to the perform checking the SHA-256 hash studying the trusted binary, resulting in authorization bypass.
“As a result of authorization bypass, any consumer can get hold of a deal with to the system, which exposes quite a few functionalities important from a safety perspective,” Talos explains.Commercial. Scroll to proceed studying.
An attacker that already has entry to a susceptible system can exploit the vulnerability to map bodily reminiscence addresses, entry I/O port communication directions, learn/write values from/to MSR register, and extra.
“We consider that this vulnerability is important and offers a possible attacker with quite a few simple methods to escalate privileges and take management of the whole system,” Talos notes.
On Monday, Asus introduced that CVE-2025-3464 impacts Armoury Crate variations between 5.9.9.0 and 6.1.18.0, urging customers to replace their installations to the most recent model as quickly as potential.
Associated: Excessive-Severity Vulnerabilities Patched in Tenable Nessus Agent
Associated: GreyNoise Flags 9,000 ASUS Routers Backdoored Through Patched Vulnerability
Associated: Asus DriverHub Vulnerabilities Expose Customers to Distant Code Execution Assaults
Associated: Over 30 Vulnerabilities Patched in Android
