Local Privilege Escalation Vulnerability in Armoury Crate by ASUS
CVE-2025-9968

8.5HIGH

Key Information:

Vendor: Asus
Status: Armoury Crate
Vendor: CVE Published:; 13 October 2025

What is CVE-2025-9968?

A link following vulnerability in the UnifyScanner component of Armoury Crate allows for local privilege escalation when a specially crafted junction is created. This flaw can potentially be exploited to gain elevated permissions, which could lead to unauthorized access to system resources. It is essential for users of Armoury Crate to stay informed regarding any security updates provided by ASUS to mitigate risks associated with this vulnerability.

Affected Version(s)

Armoury Crate before 6.3.4

References

https://www.asus.com/security-advisory/

vendor-advisory

CVSS V4

Score:

8.5

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Timeline

Vulnerability published
Oct 13, 2025
Vulnerability Reserved
Sep 4, 2025

JSON

Asus

What is CVE-2025-9968?

Affected Version(s)

References

CVSS V4

Timeline