CVE-2026-8918 · Symaro Security Advisory

Description

A permissive list of allowed inputs in ASUS Armoury Crate allows a local administrator to perform arbitrary memory read/write operations or cause a system crash (BSOD) by bypassing the validation mechanism.Refer to the ' Security Update for Armoury Crate App ' section on the ASUS Security Advisory for more information.

Severity (CVSS)

Base score	7.1
Severity	High
Version	CVSS 4.0
Vector	CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Provided by	CNA

Weaknesses

CWE-183 — CWE-183: Permissive List of Allowed Inputs

Affected products

Vendor	Product	Versions
ASUS	Armoury Crate	0 to <=6.4.12

References

https://www.asus.com/security-advisory

Authoritative sources

This page is a snapshot. For the latest enrichment and updates, view the record on CVE.org or the NVD.

Generated from the official CVE List on 22 Jun 2026 14:43 UTC.