← All drivers
vulnerable
Driver

eio.sys

ASUS legacy GPU utility driver (SmartDoctor / early GPU Tweak)

From ASUSTeK Computer (ASUS)
Part of the ASUS family
Status
On a known-vulnerable list
Known variants
2 distinct hashes
Field notes

eio.sys is a legacy ASUS graphics-utility driver, signed by ASUSTeK, that shipped with older versions of ASUS GPU tuning software (SmartDoctor and early GPU Tweak builds) for fan, voltage, and VGA tuning on ASUS graphics cards. It predates the modern ASUS Aura and Armoury Crate driver family.

There is no public CVE specifically assigned to it. Microsoft added the driver to the recommended driver block list because of the kernel-level primitives it exposes through an interface any local user can reach. LOLDrivers tracks multiple hash variants under the same filename.

If you have a current ASUS graphics card and have moved to GPU Tweak III or to the current Armoury Crate, this legacy driver is leftover from an older install and can be removed. Microsoft's Vulnerable Driver Blocklist (on by default in modern Windows 11) blocks it from loading.

What the record shows

eio.sys is listed as a known-vulnerable driver on the public LOLDrivers project. 2 distinct binary hashes matching this filename are on record, meaning multiple versions of the file have been observed.

What this means, plainly
Presence is not proof of misuse. Driver files on the LOLDrivers list commonly ship with legitimate hardware tools, gaming software, or vendor utilities. Their presence is recorded as evidence on a record. It is never treated as a verdict about a person.
Source

Status data comes from the public LOLDrivers project, a community-curated registry of drivers known to be vulnerable or malicious. The snapshot Vera uses was refreshed July 10, 2026. CVE links go to the NIST National Vulnerability Database.

Cite this entry

Vera Project. “eio.sys.” Vera Field Guide (Driver). The Vera Project. https://www.veraproject.xyz/field-guide/drivers/eio-sys