CVE-2025-9338
Severity
7.3HIGH
EPSS
0.0%
top 95.87%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedNov 6
Description
A improper restriction of operations within the bounds of a memory buffer exists in AsIO3.sys driver. This vulnerability can be triggered by manually executing a specially crafted process, potentially leading to local privilage escalation.
For additional information, please refer to the 'Security Update for Armoury Crate App' section of the ASUS Security Advisory.
CVSS vector
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N