Ddos 
Gamers and PC enthusiasts relying on ASUS Armoury Crate to manage their high-performance systems are urged to update immediately following the discovery of a serious security vulnerability. Tracked as CVE-2025-3464, the flaw exposes users to authentication bypass attacks due to a race condition—specifically, a Time-of-Check to Time-of-Use (TOCTOU) issue.
With a CVSS v4 severity rating of 8.4, this vulnerability affects Armoury Crate versions from V5.9.9.0 up to V6.1.18.0. ASUS has issued an advisory, encouraging all users to update to the latest version through the in-app Update Center.
“ASUS strongly recommends that users update their Armoury Crate installation to the latest version,” the company emphasized in its announcement.
Armoury Crate is a system management utility developed by ASUS for its Republic of Gamers (ROG) and TUF Gaming product lines. It acts as a central dashboard for managing RGB lighting, fan profiles, system diagnostics, game libraries, and device drivers — making it a core component in many ASUS-powered setups.
CVE-2025-3464 is rooted in a Time-of-Check Time-of-Use (TOCTOU) flaw — a type of race condition where an attacker can exploit the time gap between a security check and its actual use.
Users running ASUS Armoury Crate versions between V5.9.9.0 and V6.1.18.0 are vulnerable. This includes many gaming laptops and desktops that come preloaded with the software.
ASUS users are advised to:
- Launch Armoury Crate
- Navigate to Settings > Update Center
- Click Check for Updates
- Install the update if a newer version is available
Related Posts:
- ASUS Urges Windows 11 Upgrade: The Dawn of AI-Powered PCs and the End of Windows 10
- Multiple vulnerabilities affect all versions of ASUS routers
- CVE-2025-2492: Critical ASUS Router Vulnerability Requires Immediate Firmware Update
- CISA Adds 5 Actively Exploited Vulnerabilities to KEV Catalog: ASUS Routers, Craft CMS, and ConnectWise Targeted
- Critical Flaw in ASUS Armoury Crate Exposed
Donate