Skip to main content

ASUS Armoury Crate EUVDEUVD-2026-33244

| CVE-2026-8070 HIGH
Incorrect Permission Assignment for Critical Resource (CWE-732)
2026-05-29 ASUS GHSA-cgxr-jgj8-7wp2
7.3
CVSS 4.0 · NVD
Share

Severity by source

NVD PRIMARY
7.3 HIGH
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Local
Attack Complexity
High
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

2
Analysis Generated
May 29, 2026 - 02:26 vuln.today
CVSS changed
May 29, 2026 - 02:22 NVD
7.3 (HIGH)

DescriptionCVE.org

Incorrect permission assignment for a critical resource in Armoury Crate allows a local user to bypass the driver’s validation mechanism, resulting in unauthorized read and write access to physical memory.Refer to the ' Security Update for Armoury Crate App   ' section on the ASUS Security Advisory for more information.

AnalysisAI

Local privilege escalation in ASUS Armoury Crate allows an authenticated low-privileged user to bypass driver validation and gain unauthorized read/write access to physical memory. The flaw stems from incorrect permission assignment (CWE-732) on a critical resource exposed by the application's kernel driver, enabling memory tampering that can be leveraged for full system compromise. No public exploit identified at time of analysis, and the issue is not currently listed in CISA KEV.

Technical ContextAI

ASUS Armoury Crate is a Windows-based system utility shipped with ASUS motherboards, laptops, and ROG-branded hardware that bundles a privileged kernel-mode driver to manage RGB lighting, fan curves, and firmware controls. The CPE 'cpe:2.3:a:asus:armoury_crate' confirms the application itself is the vulnerable component, but the underlying weakness is in a driver exposed to user-mode callers. CWE-732 (Incorrect Permission Assignment for Critical Resource) here means the driver's device object or IOCTL interface is reachable by non-administrative users when it should be restricted, and the driver's internal validation logic that gates physical memory access can be circumvented - a recurring pattern in OEM 'tuning' drivers that has produced multiple LPE primitives historically.

RemediationAI

Patch available per vendor advisory - update Armoury Crate to the fixed build listed in the ASUS Security Advisory at https://www.asus.com/security-advisory under 'Security Update for Armoury Crate App'; the exact fix version is not included in the provided data and should be read directly from that advisory. As a compensating control until patched, uninstall Armoury Crate where it is not operationally required (loses RGB, fan, and firmware tuning UI), or block load of the vulnerable driver via a Microsoft Vulnerable Driver Blocklist / WDAC code-integrity policy targeting the Armoury Crate driver image (may break Armoury Crate functionality and Aura Sync features). Restricting interactive logon to the host and enforcing standard-user (non-admin) accounts reduces exposure but does not eliminate the LPE primitive once any local code execution is achieved.

Share

EUVD-2026-33244 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy