CVE-2025-9338_CVE-2025-9338

7.3 / 10

HIGH

CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Description

A improper restriction of operations within the bounds of a memory buffer exists in AsIO3.sys driver. This vulnerability can be triggered by manually executing a specially crafted process, potentially leading to local privilage escalation.
For additional information, please refer to the 'Security Update for Armoury Crate App' section of the ASUS Security Advisory.

Basic Information

ID CVE-2025-9338

Source ASUS

Published Nov 6, 2025 at 06:02

Affected Product

Vendor ASUS

Product Armoury Crate

Version 6.2.11 and earlier

Affected Versions ASUS Armoury Crate 6.2.11 and earlier

CWE Classification

CWE-119

References

www.asus.com /security-advisory/

{
    "lastseen": "",
    "description": "A improper restriction of operations within the bounds of a memory buffer exists in AsIO3.sys driver. This vulnerability can be triggered by manually executing a specially crafted process, potentially leading to local privilage escalation.\nFor additional information, please refer to the 'Security Update for Armoury Crate App' section of the ASUS Security Advisory.",
    "published": "2025-11-06T06:02:48.738Z",
    "modified": "2025-11-06T06:02:48.738Z",
    "type": "cve",
    "title": "CVE-2025-9338",
    "source": "ASUS",
    "references": "https://www.asus.com/security-advisory/",
    "id": "CVE-2025-9338",
    "bulletinFamily": "",
    "cwe": [
        "CWE-119"
    ],
    "cvelist": null,
    "sourceData": "ASUS Armoury Crate 6.2.11 and earlier",
    "sourceHref": "",
    "cvss": {
        "score": 7.3,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Armoury Crate",
    "version": "6.2.11 and earlier",
    "vendor": "ASUS",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}