CVE-2026-8918
HighCVSS 7.1Exploitation Probability (EPSS)
Low risk13th percentile - higher than 13% of all known CVEs
Summary
ASUS Armoury Crate has a vulnerability related to a permissive list of allowed inputs, allowing a local administrator to perform arbitrary memory read/write operations or cause a system crash (BSOD) by bypassing the validation mechanism.
Risk Assessment
This vulnerability could lead to serious security issues, including unauthorized access to system memory and system instability.
Recommendation
It is recommended to update the Armoury Crate application to the latest version to patch this vulnerability and restrict administrator access to trusted users.
Original NVD description (English source)
A permissive list of allowed inputs in ASUS Armoury Crate allows a local administrator to perform arbitrary memory read/write operations or cause a system crash (BSOD) by bypassing the validation mechanism.Refer to the ' Security Update for Armoury Crate App ' section on the ASUS Security Advisory for more information.

