CVE-2025-11775

CVSS 4.8 MEDIUMEPSS 0.1%CWE-125

Vexday Risk Score

13Baixo

Decisão SSVC (CISA)

Track

Sem sinal de exploração → monitorar

CVSS 4.8EPSS 0.1%KEV nãoPoC —Nuclei —Metasploit —Patch referenciado

Ciclo de vida

17 dez 2025Publicada no NVD

Recomendação: Monitorar — sem sinal de exploração no momento.

An out-of-bounds read vulnerability has been identified in the asComSvc service. This vulnerability can be triggered by sending specially crafted requests, which may lead to a service crash or partial loss of functionality. This vulnerability only affects ASUS motherboard series products. Refer to the 'Security Update for Armoury Crate App' section on the ASUS Security Advisory for more information.

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

Produtos afetados

ASUS · Armoury Crate

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://www.asus.com/security-advisory