CVE-2025-11775
Unknown
Unknown - Not Provided
Out-of-Bounds Read in ASUS asComSvc Causes Service Crash
Vulnerability report for CVE-2025-11775, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.
Publication date: 2025-12-17
Last updated on: 2025-12-17
Assigner: ASUS
Description
Description
An out-of-bounds read vulnerability has been identified in the asComSvc service. This vulnerability can be triggered by sending specially crafted requests, which may lead to a service crash or partial loss of functionality. This vulnerability only affects ASUS motherboard series products.Β Refer to the 'Security Update for Armoury Crate App' section on the ASUS Security Advisory for more information.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| asus | armoury_crate_app | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-125 | The product reads data past the end, or before the beginning, of the intended buffer. |