CVE-2025-9337

EUVD-2025-34059
A null pointer dereference has been identified in the AsIO3.sys driver. The vulnerability can be triggered by a specially crafted input, which may lead to a system crash (BSOD).
Refer to the 'Security Update for Armoury Crate App' section on the ASUS Security Advisory for more information.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
ASUSCNA
6.8 MEDIUM
LOCAL
LOW
LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
asusarmoury_crate
𝑥
< 6.3.4
CNA
Common Weakness Enumeration
References
https://www.asus.com/security-advisory/