Asus · Asus Rog Armoury Crate Lite · CVE-2021-40981
**Name of the Vulnerable Software and Affected Versions**
ASUS ROG Armoury Crate Lite versions prior to 4.2.10
**Description**
The issue allows local users to gain privileges by placing a Trojan horse file in the publicly writable %PROGRAMDATA%ASUSGamingCenterLib directory. This is a privilege escalation vulnerability.
**Recommendations**
For versions prior to 4.2.10, update to version 4.2.10 or later to resolve the issue. As a temporary workaround, consider restricting write access to the %PROGRAMDATA%ASUSGamingCenterLib directory to prevent malicious file placement.