CVE Catalog

CVE-2026-8918

HighCVSS 7.1
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.22%

13th percentile - higher than 13% of all known CVEs

Summary

ASUS Armoury Crate has a vulnerability related to a permissive list of allowed inputs, allowing a local administrator to perform arbitrary memory read/write operations or cause a system crash (BSOD) by bypassing the validation mechanism.

Risk Assessment

This vulnerability could lead to serious security issues, including unauthorized access to system memory and system instability.

Recommendation

It is recommended to update the Armoury Crate application to the latest version to patch this vulnerability and restrict administrator access to trusted users.

Original NVD description (English source)

A permissive list of allowed inputs in ASUS Armoury Crate allows a local administrator to perform arbitrary memory read/write operations or cause a system crash (BSOD) by bypassing the validation mechanism.Refer to the ' Security Update for Armoury Crate App ' section on the ASUS Security Advisory for more information.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS