Description
A file handling command vulnerability in certain versions of Armoury Crate may result in arbitrary file deletion. Refer to the '01/23/2025 Security Update for Armoury Crate App' section on the ASUS Security Advisory for more information.
CVSS breakdown
CVSS 4.0
Attack Vector
Local
Attack Complexity
Low
Attack Requirements
None
Privileges Required
None
User Interaction
None
Confidentiality (Vulnerable System)
None
Integrity (Vulnerable System)
High
Availability (Vulnerable System)
High
Confidentiality (Subsequent System)
None
Integrity (Subsequent System)
High
Availability (Subsequent System)
High
Affected products
- ASUS / Armoury CrateV2.3.4.0~V5.9.9.0 – V2.3.4.0~V5.9.9.0