Permissive Input Validation Flaw in ASUS Armoury Crate
CVE-2026-8918

7.1HIGH

Key Information:

Vendor

Asus

Vendor
CVE Published:
22 June 2026

What is CVE-2026-8918?

An input validation flaw in ASUS's Armoury Crate software permits local administrators to bypass security measures, leading to arbitrary read/write access in memory. This can result in unauthorized manipulation of data or even trigger a system crash, resulting in a Blue Screen of Death (BSOD). For more details, refer to the ASUS Security Advisory.

Affected Version(s)

Armoury Crate 0 <= 6.4.12

References

CVSS V4

Score:
7.1
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

YUAN RUI
number201724@me.com
.