PT-2025-25537 · Asus · Armoury Crate

Published: 2025-06-16 · Updated: 2025-12-24 · CVE-2025-3464

CVSS v4.0: 8.4 (High)

Vector: AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:L/SI:H/SA:H

Name of the Vulnerable Software and Affected Versions

ASUS Armoury Crate versions 5.9.9.0 through 6.1.18.0

Description

A race condition vulnerability exists in Armoury Crate, arising from a time-of-check to time-of-use (TOCTOU) issue, potentially leading to authentication bypass. This vulnerability could allow threat actors to escalate privileges to SYSTEM level on Windows, putting hardware and memory access at risk. The flaw affects the AsIO3.sys driver used by Armoury Crate. According to MDE worldwide telemetry, a large footprint of this vulnerability exists, making it a significant concern for defenders. The vulnerability can be exploited by creating a hard link that points to an executable file in the same directory as AsusCertService.exe, leading to authentication bypass.

Recommendations

For versions 5.9.9.0 through 6.1.18.0, update Armoury Crate to the latest version to resolve the issue. As a temporary workaround, consider restricting access to the AsIO3.sys driver to minimize the risk of exploitation. Avoid using the vulnerable AsIO3.sys driver until the issue is resolved. Restrict access to the AsusCertService.exe process to prevent potential abuse. At the moment, there is no information about other mitigation measures.

Fix

LPE

Time Of Check To Time Of Use

Weakness Enumeration

Related Identifiers

BDU:2025-06918
CVE-2025-3464

Affected Products

Armoury Crate