CVE-2025-11775: CWE-125 Out-of-bounds Read in ASUS Armoury Crate
An out-of-bounds read vulnerability has been identified in the asComSvc service. This vulnerability can be triggered by sending specially crafted requests, which may lead to a service crash or partial loss of functionality. This vulnerability only affects ASUS motherboard series products. Refer to the 'Security Update for Armoury Crate App' section on the ASUS Security Advisory for more information.
AI Analysis
Technical Summary
CVE-2025-11775 is a medium severity vulnerability classified as CWE-125 (Out-of-bounds Read) found in the asComSvc service component of ASUS Armoury Crate software, specifically affecting ASUS motherboard series products running Armoury Crate version 6.3.4 and earlier. The vulnerability arises from improper bounds checking when processing certain requests, allowing an attacker with local privileges to craft inputs that cause the service to read memory outside its intended buffer boundaries. This can lead to a service crash or partial loss of functionality, impacting system stability and availability. The attack vector requires local access with low privileges, no user interaction, and no network access without authentication, limiting remote exploitation potential. The CVSS v4.0 score is 4.8, reflecting moderate impact primarily on availability and requiring some level of privilege. No public exploits or active exploitation have been reported to date. The vulnerability highlights the risks associated with system management software that interfaces closely with hardware components. ASUS has acknowledged the issue and recommends updating Armoury Crate to versions beyond 6.3.4 once patches are released. Organizations should also monitor the asComSvc service for abnormal behavior indicative of exploitation attempts.
Potential Impact
For European organizations, this vulnerability could cause instability or downtime on systems using affected ASUS motherboards with Armoury Crate software, potentially disrupting business operations or critical infrastructure relying on these systems. While it does not directly compromise confidentiality or integrity, the partial loss of functionality or service crashes could impact the availability of management features or system monitoring, which are important for maintaining operational security. Organizations with large deployments of ASUS hardware in enterprise or government environments may face increased risk of operational disruption. The requirement for local privileges reduces the likelihood of remote exploitation, but insider threats or malware with local access could leverage this vulnerability. In sectors such as finance, manufacturing, or public administration, where uptime and system reliability are critical, even medium severity availability issues can have significant consequences. Therefore, timely mitigation is important to maintain operational continuity.
Mitigation Recommendations
1. Apply official patches or updates from ASUS for Armoury Crate software as soon as they become available, upgrading beyond version 6.3.4.
2. Restrict local access to systems running Armoury Crate to trusted users only, employing strict access controls and least privilege principles.
3. Monitor the asComSvc service for crashes, abnormal behavior, or unexpected restarts that could indicate exploitation attempts.
4. Implement endpoint detection and response (EDR) solutions to detect suspicious local activity related to Armoury Crate processes.
5. Conduct regular audits of installed software versions on ASUS hardware to ensure compliance with security updates.
6. Educate users and administrators about the risks of running outdated system management software and the importance of timely patching.
7. Consider isolating critical systems with ASUS hardware from less trusted networks or users to reduce risk of local exploitation.
8. Maintain comprehensive logging and alerting to quickly identify and respond to incidents involving Armoury Crate components.
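One way to carry out the asComSvc crash monitoring recommended above, as an added example (not ASUS or advisory code). It reads the Service Control Manager events for unexpected service termination (IDs 7031 and 7034) from the System log; the 7-day window and the alert threshold of 3 per day are illustrative assumptions.

```powershell
# Added example: surface unexpected terminations of asComSvc from the System log.
# Assumptions (not from the advisory): lookback window and alert threshold.
$ServiceName    = 'asComSvc'
$LookbackDays   = 7
$AlertThreshold = 3   # unexpected terminations per day that warrant a closer look

# SCM events name the service by its display name, so match on both names.
$svc   = Get-Service -Name $ServiceName -ErrorAction SilentlyContinue
$names = @($ServiceName)
if ($svc) { $names += $svc.DisplayName }
$pattern = ($names | Sort-Object -Unique |
    ForEach-Object { [regex]::Escape($_) }) -join '|'

# 7031 / 7034 = "service terminated unexpectedly" (Service Control Manager).
$filter = @{
    LogName      = 'System'
    ProviderName = 'Service Control Manager'
    Id           = 7031, 7034
    StartTime    = (Get-Date).AddDays(-$LookbackDays)
}

# Get-WinEvent reports an error when nothing matches; treat that as "no events".
$crashes = @(Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue |
    Where-Object { $_.Message -match $pattern })

if ($crashes.Count -eq 0) {
    Write-Output "No unexpected $ServiceName terminations in the last $LookbackDays days."
} else {
    # Chronological listing for the incident record.
    $crashes | Sort-Object TimeCreated |
        Select-Object TimeCreated, Id, Message | Format-Table -Wrap

    # Repeated crashes on one day are the pattern worth escalating.
    $crashes | Group-Object { $_.TimeCreated.ToString('yyyy-MM-dd') } |
        Where-Object { $_.Count -ge $AlertThreshold } |
        ForEach-Object {
            Write-Warning "$($_.Count) unexpected $ServiceName terminations on $($_.Name)"
        }
}

# Report the current service state alongside the event history.
if ($svc) { Write-Output "$ServiceName current status: $($svc.Status)" }
else      { Write-Output "$ServiceName is not installed on this host." }
```

Run it from an elevated PowerShell session on the affected host, or schedule it and forward the warnings to the existing alerting pipeline.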
Affected Countries
Germany, France, United Kingdom, Italy, Spain, Netherlands, Poland
Technical Details
- Data Version: 5.2
- Assigner Short Name: ASUS
- Date Reserved: 2025-10-15T03:39:51.860Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 69423560364d4dab9cc00c38
Added to database: 12/17/2025, 4:45:20 AM
Last enriched: 12/17/2025, 5:01:43 AM
Last updated: 12/18/2025, 8:48:35 AM