A critical vulnerability in ASUS Armoury Crate software, CVE-2025-3464, allows attackers to escalate privileges to SYSTEM level on Windows machines. Although not exploited in the wild yet, it poses a significant threat due to the widespread deployment of the software. #ASUS #ArmouryCrate #CVE-2025-3464
Keypoints
- The vulnerability affects ASUS Armoury Crate versions between 5.9.9.0 and 6.1.18.0.
- It exploits a flaw in the driver verifying callers via a hardcoded hash instead of using proper access controls.
- Successful exploitation grants attackers low-level system privileges, including memory and hardware access.
- The issue is caused by the way the driver handles SHA-256 hash verification of AsusCertService.exe.
- Users are advised to update Armoury Crate to the latest version to mitigate the security risk.