A critical authorization bypass vulnerability in ASUS Armoury Crate allows attackers to gain system-level privileges on Windows machines through hard link manipulation. The vulnerability, tracked as CVE-2025-3464 with a CVSS score of 8.8, affects the AsIO3.sys driver and was patched on June 16, 2025. The exploit involves creating a hard link to a malicious executable and then switching it to the legitimate AsusCertService.exe, bypassing security validation. This grants attackers kernel-level access, enabling complete system compromise.
Source: https://cybersecuritynews.com/asus-armoury-crate-vulnerability/
TPRM report: https://scoringcyber.rankiteo.com/company/asus
"id": "asu607061725",
"linkid": "asus",
"type": "Vulnerability",
"date": "6/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'industry': 'Technology',
'name': 'ASUS',
'type': 'Company'}],
'attack_vector': 'Hard link manipulation',
'date_detected': '2025-02-18',
'date_publicly_disclosed': '2025-06-16',
'date_resolved': '2025-06-16',
'description': 'A critical authorization bypass vulnerability in ASUS Armoury '
'Crate enables attackers to gain system-level privileges on '
'Windows machines through a sophisticated hard link '
'manipulation technique.',
'lessons_learned': 'This discovery highlights the ongoing security challenges '
'in gaming software and the importance of proper '
'authorization mechanisms in kernel-level drivers, '
'particularly those managing hardware access and '
'system-level operations.',
'recommendations': 'Users are strongly advised to update to the latest '
'patched version immediately.',
'references': [{'date_accessed': '2025-06-16', 'source': 'Cisco Talos'}],
'title': 'Critical Authorization Bypass Vulnerability in ASUS Armoury Crate',
'type': 'Privilege escalation',
'vulnerability_exploited': 'CVE-2025-3464'}