CVE-2025-11775

CWE-125Out-of-bounds Read3 documents3 sources
Severity
4.8MEDIUM
EPSS
0.0%
top 94.62%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Asus Armoury Crate
Timeline
PublishedDec 17

Description

An out-of-bounds read vulnerability has been identified in the asComSvc service. This vulnerability can be triggered by sending specially crafted requests, which may lead to a service crash or partial loss of functionality. This vulnerability only affects ASUS motherboard series products. Refer to the 'Security Update for Armoury Crate App' section on the ASUS Security Advisory for more information.

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

Affected Packages1 packages

CVEListV5asus/armoury_cratev6.3.4 and earlier

🔴Vulnerability Details

2
GHSA
GHSA-97mg-qp3q-2h6h: An out-of-bounds read vulnerability has been identified in the asComSvc service2025-12-17
CVEList
CVE-2025-11775: An out-of-bounds read vulnerability has been identified in the asComSvc service2025-12-17
CVE-2025-11775 (MEDIUM CVSS 4.8) | An out-of-bounds read vulnerability | cvebase.io