Skip to main content

ASUS Armoury Crate CVE-2026-8918

| EUVDEUVD-2026-38205 HIGH
Permissive List of Allowed Inputs (CWE-183)
2026-06-22 ASUS GHSA-jjw4-7368-pw26
7.1
CVSS 4.0 · Vendor: ASUS
Share

Severity by source

Vendor (ASUS) PRIMARY
7.1 HIGH
CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
6.4 MEDIUM

Local-only driver IOCTL reachable only from an administrator (AV:L, PR:H); crafted inputs must defeat validation (AC:H); arbitrary kernel R/W and BSOD yield full C/I/A impact.

3.1 AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
4.0 AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (ASUS).

CVSS VectorVendor: ASUS

CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Local
Attack Complexity
High
Privileges Required
High
User Interaction
None
Scope
X

Lifecycle Timeline

1
Analysis Generated
Jun 22, 2026 - 06:11 vuln.today

DescriptionCVE.org

A permissive list of allowed inputs in ASUS Armoury Crate allows a local administrator to perform arbitrary memory read/write operations or cause a system crash (BSOD) by bypassing the validation mechanism.Refer to the ' Security Update for Armoury Crate App ' section on the ASUS Security Advisory for more information.

AnalysisAI

Local privilege abuse in ASUS Armoury Crate (versions up to and including 6.4.12) allows a local administrator to bypass input validation and perform arbitrary kernel memory read/write or trigger a system crash (BSOD). The flaw is reported by ASUS and tracked as EUVD-2026-38205; no public exploit identified at time of analysis. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Obtain local admin on ASUS host
Delivery
Open handle to Armoury Crate driver
Exploit
Submit crafted IOCTL bypassing validation
Execution
Gain arbitrary kernel read/write
Persist
Disable EDR or elevate to SYSTEM
Impact
Persist with kernel-level tampering

Vulnerability AssessmentAI

Exploitation Requires local code execution as an administrator on a Windows endpoint with ASUS Armoury Crate 6.4.12 or earlier installed and its kernel driver loaded - the attacker must be able to open a handle to the Armoury Crate driver and issue IOCTLs through it, which Windows restricts to administrative contexts. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment Real-world risk is moderate and tightly bounded by the prerequisites. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker who has already obtained local administrator privileges on an ASUS endpoint (for example, via phishing followed by a UAC bypass) loads the legitimate Armoury Crate driver and sends crafted IOCTLs that pass the driver's permissive validation, granting arbitrary kernel read/write. They then use that primitive to patch out EDR callbacks or zero token privileges to escalate from admin to SYSTEM/kernel and establish stealthy persistence. …
Remediation Patch available per vendor advisory: update Armoury Crate to the fixed release published under the 'Security Update for Armoury Crate App' section at https://www.asus.com/security-advisory (exact fix version not enumerated in the supplied data - confirm against the ASUS advisory before deployment). … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: inventory all systems running ASUS Armoury Crate version 6.4.12 or earlier and audit administrative user account access patterns. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-8918 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy