Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2025-3464

UNKNOWN
Published 2025-06-16T09:06:23.221Z
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2025-3464. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

A race condition vulnerability exists in Armoury Crate. This vulnerability arises from a Time-of-check Time-of-use issue, potentially leading to authentication bypass.
Refer to the 'Security Update for Armoury Crate App' section on the ASUS Security Advisory for more information.

Available Exploits

No exploits available for this CVE.

Related News

Alarming ASUS Armoury Crate Vulnerability Can Give Hackers Admin Access

Security researchers have revealed that the ASUS Armoury Crate software has a serious vulnerability (tracked as CVE-2025-3464) that could allow hackers to gain admin access to computers. The ASUS Armoury Crate software was designed to help users control and …

Hot Hardware 2025-06-18 10:31
Read More

Affected Products

ASUS

Armoury Crate

Affected Versions:

v5.9.9.0~v6.1.18

EU Vulnerability Database

Monitored by ENISA for EU cybersecurity

EU Coordination

EU Coordinated

Exploitation Status

No Known Exploitation

EUVD ID

View on ENISA

ENISA Analysis

A race condition vulnerability exists in Armoury Crate. This vulnerability arises from a Time-of-check Time-of-use issue, potentially leading to authentication bypass.
Refer to the 'Security Update for Armoury Crate App' section on the ASUS Security Advisory for more information.

Affected Products (ENISA)

asus
armoury crate

ENISA Scoring

CVSS Score (4.0)

8.4
/10
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:L/SI:H/SA:H

EPSS Score

0.030
probability

ENISA References

https://nvd.nist.gov/vuln/detail/CVE-2025-3464
https://talosintelligence.com/vulnerability_reports/TALOS-2024-2150
https://www.asus.com/content/asus-product-security-advisory
https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2150
https://www.asus.com/content/asus-product-security-advisory/
https://talosintelligence.com/vulnerability_reports/TALOS-2025-2150

Data provided by ENISA EU Vulnerability Database. Last updated: July 10, 2025

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed HIGH

GHSA-7prc-4c75-54x8

Advisory Details

A race condition vulnerability exists in Armoury Crate. This vulnerability arises from a Time-of-check Time-of-use issue, potentially leading to authentication bypass. Refer to the 'Security Update for Armoury Crate App' section on the ASUS Security Advisory for more information.

CVSS Scoring

CVSS Score

7.5

CVSS Vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:L/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2025-3464
WEB https://talosintelligence.com/vulnerability_reports/TALOS-2024-2150
WEB https://talosintelligence.com/vulnerability_reports/TALOS-2025-2150
WEB https://www.asus.com/content/asus-product-security-advisory
WEB https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2150

Advisory provided by GitHub Security Advisory Database. Published: June 16, 2025, Modified: June 17, 2025

Social Media Intelligence

Real-time discussions and threat intelligence from social platforms

4 posts
Reddit 3 months, 1 week ago
Dark-Marc
Exploit

ASUS Gaming Software Flaw Allows Bypass to System Privileges **A critical vulnerability in ASUS Armoury Crate exposes Windows machines to potential system-level attacks through hard link manipulation.** **Key Points:** - CVE-2025-3464 targets ASUS Armoury Crate's AsIO3.sys driver. - Attackers exploit an authentication bypass via Windows hard links. - The flaw …

1
1
3.0
View Original High Risk
Reddit 3 months, 1 week ago
trailer8k

Computer Severe Vulnerability in ASUS Armoury Crate allows attackers to gain Windows admin privileges (CVE-2025-3464)

1
2
5.0
View Original
Reddit 3 months, 1 week ago
crstux
Exploit

🔥 Top 10 Trending CVEs (17/06/2025) Here’s a quick breakdown of the 10 most interesting vulnerabilities trending today: **1. [CVE-2025-3464](https://nvd.nist.gov/vuln/detail/CVE-2025-3464)** - 📝 A race condition vulnerability exists in Armoury Crate. This vulnerability arises from a Time-of-check Time-of-use issue, potentially leading to authentication bypass. Refer to the Security Update for Armoury …

Also mentions: CVE-2025-36631 CVE-2025-4275 CVE-2025-33073 CVE-2025-0133 CVE-2025-49113 CVE-2025-4123 CVE-2025-26685 CVE-2024-34351
1
1.0
View Original High Risk
Reddit 3 months, 1 week ago
kurtstir

Severe Vulnerability in ASUS Armoury Crate allows attackers to gain Windows admin privileges (CVE-2025-3464)

148
37
222.0
View Original

References

https://www.asus.com/content/asus-product-security-advisory/
https://talosintelligence.com/vulnerability_reports/TALOS-2025-2150
Published: 2025-06-16T09:06:23.221Z
Last Modified: 2025-07-10T19:00:28.851Z
Copied to clipboard!