Update Asus Armoury Crate Now to Fix Serious Vulnerability
Gamers with Asus devices need to update their systems ASAP: A newly discovered vulnerability in Armoury Crate allows hackers to gain low-level system privileges, potentially compromising your OS.
How does the Armory Crate error work?
Armoury Crate is an Asus utility (often pre-installed) that manages Asus and ROG software and peripherals. This vulnerability, tracked as CVE-2025-3464, allows attackers to bypass authentication requirements and gain SYSTEM privileges on Windows machines. As reported by Tech Radar , the vulnerability in the Armoury Crate kernel-mode driver validates calls using a hardcoded SHA-256 hash of AsusCertServices.exe and a list of allowed PIDs, rather than OS-level access checks.
If exploited, this bug would allow access to the driver, which could lead to a complete takeover of the OS. However, attackers would have to already be on your system — through malware, phishing, or credential theft — to exploit it.
The vulnerability CVE-2025-3464 was discovered by a researcher at Cisco Talos and is considered a high severity vulnerability (with a score of 8.4 out of 10).
This isn’t the first security issue Asus has faced in recent months. The company patched a remote code execution vulnerability in DriverHub in May and has also become a target for malware attackers. A campaign known as CoffeeLoader , revealed earlier this year, posed as Armoury Crate to deliver infostealers to users’ systems.
Update Armory Crate to the latest version
While Asus says there is no indication that the vulnerability has been exploited in the wild, users should still update to the latest version of Armoury Crate. The vulnerability affects all versions between 5.9.9.0 and 6.1.18.0.
To download and install updates, open the Armoury Crate app and go to Settings > Update Center > Check for updates > Update .