ASUS Armoury Crate bug lets attackers get Windows admin privileges

[Gandalf_The_Grey]

Content source

https://www.bleepingcomputer.com/news/security/asus-armoury-crate-bug-lets-attackers-get-windows-admin-privileges/

A high-severity vulnerability in ASUS Armoury Crate software could allow threat actors to escalate their privileges to SYSTEM level on Windows machines.

The security issue is tracked as CVE-2025-3464 and received a severity score of 8.8 out of 10.

It could be exploited to bypass authorization and affects the AsIO3.sys of the Armoury Crate system management software.

Armoury Crate is the official system control software for Windows from ASUS, providing a centralized interface to control RGB lighting (Aura Sync), adjust fan curves, manage performance profiles and ASUS peripherals, as well as download drivers and firmware updates.

To perform all these functions and provide low-level system monitoring, the software suite uses the kernel driver to access and control hardware features.

Cisco Talos validated that CVE-2025-3464 impacts Armoury Crate version 5.9.13.0, but ASUS' bulletin notes that the flaw impacts all versions between 5.9.9.0 and 6.1.18.0.

To mitigate the security problem, it is recommended to apply the latest update by opening the Armoury Crate app and going to "Settings"> "Update Center"> "Check for Updates"> "Update."

Cisco reported the flaw to ASUS in February but no exploitation in the wild has been observed so far. However, "ASUS strongly recommends that users update their Armoury Crate installation to the latest version."

ASUS Armoury Crate bug lets attackers get Windows admin privileges

A high-severity vulnerability in ASUS Armoury Crate software could allow threat actors to escalate their privileges to SYSTEM level on Windows machines.

www.bleepingcomputer.com