CVE-2025-11775

EUVD-2025-203873
An out-of-bounds read vulnerability has been identified in the asComSvc service. This vulnerability can be triggered by sending specially crafted requests, which may lead to a service crash or partial loss of functionality. This vulnerability only affects ASUS motherboard series products. Refer to the 'Security Update for Armoury Crate App' section on the ASUS Security Advisory for more information.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
ASUSCNA
4.8 MEDIUM
LOCAL
LOW
LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
asusarmoury_crate
𝑥
≤ 6.3.4
CNA
Common Weakness Enumeration
References
https://www.asus.com/security-advisory