CVE-2025-3464NVD

Vulnerability Summary

A race condition vulnerability exists in Armoury Crate. This vulnerability arises from a Time-of-check Time-of-use issue, potentially leading to authentication bypass.
Refer to the 'Security Update for Armoury Crate App' section on the ASUS Security Advisory for more information.

Severity Level

HIGH(8.4)

Published Date

Jun 16, 2025

Last Modified

Jun 17, 2025

Exploitation Status

????

EPSS Score (30-Day)

Data Pending

Root Weakness (CWE)

CWE-367: Unknown/Unlisted Weakness ↗

Refer to the official MITRE database for detailed architectural specifications regarding this weakness.

CVSS v4.0 Base Metrics

Attack VectorLocal

Attack ComplexityLow

Privileges RequiredLow

User InteractionNone

External References

https://talosintelligence.com/vulnerability_reports/TALOS-2025-2150
https://www.asus.com/content/asus-product-security-advisory/
https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2150