CVE-2026-8918
Deferred Deferred - Pending Action

Memory Corruption Flaw in ASUS Armoury Crate

Vulnerability report for CVE-2026-8918, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-06-22

Last updated on: 2026-06-24

Assigner: ASUS

Description

A permissive list of allowed inputs in ASUS Armoury Crate allows a local administrator to perform arbitrary memory read/write operations or cause a system crash (BSOD) by bypassing the validation mechanism.Refer to the ' Security Update for Armoury Crate AppΒ ' section on the ASUS Security Advisory for more information.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-06-22
Last Modified
2026-06-24
Generated
2026-07-12
AI Q&A
2026-06-22
EPSS Evaluated
2026-07-11
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
asus armoury_crate *

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-183 The product implements a protection mechanism that relies on a list of inputs (or properties of inputs) that are explicitly allowed by policy because the inputs are assumed to be safe, but the list is too permissive - that is, it allows an input that is unsafe, leading to resultant weaknesses.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability exists in ASUS Armoury Crate due to a permissive list of allowed inputs. It allows a local administrator to bypass the validation mechanism and perform arbitrary memory read or write operations. This can also lead to causing a system crash, such as a Blue Screen of Death (BSOD).

Impact Analysis

The vulnerability can impact you by allowing a local administrator to manipulate memory arbitrarily, which can compromise system stability and security. This could result in unauthorized memory access or modification, potentially leading to system crashes (BSOD) and disruption of normal operations.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-8918. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart