Asus has released patches for a high-severity vulnerability in its Armoury Crate software that allows full system compromise through an authorization bypass. The flaw, tracked as CVE-2025-3464, affects multiple versions and can be exploited to escalate privileges and control affected systems. #CVE-2025-3464 #ArmouryCrate #AsusVulnerability
Keypoints
- The vulnerability CVE-2025-3464 involves an authorization bypass in Armoury Crate software.
- Exploitation allows attackers to escalate privileges and access critical system functionalities.
- The flaw is related to the AsIO3.sys virtual driver and its associated device Asusgio3.
- Attacks can occur if a malicious hard link is created to bypass hash verification and gain driver access.
- Asus recommends updating Armoury Crate to versions 6.1.18.0 or later to mitigate the risk.
Read More: https://www.securityweek.com/asus-armoury-crate-vulnerability-leads-to-full-system-compromise/