🟢 CVE-2025-59374

CVE-2025-59374 affects ASUS Live Update, a client-side software utility that was compromised through a supply chain attack with embedded malicious code. While it has network attack vector and is in CISA KEV, it's a client application not typically internet-facing.

← Back to Overview
LOW_RISK
Risk Level
9.3
CVSS Score
NETWORK
Attack Vector
Execution
ATT&CK Tactic
T1203 — Exploitation for Client Execution
ATT&CK Technique
VERY_LOW
Deployment Risk
No
Ransomware

📋 Vulnerability Details

Data Source: CIRCL

Confidence: HIGH

Exploitation Method: OTHER

CVE Published: 2025-12-17

Added to CISA KEV: 2025-12-17 0 DAY BETWEEN CVE AND KEV

🎯 Recommendations:

🔍 Web Intelligence (Kagi · 2025-12-18)

CVE-2025-59374 is an embedded malicious code vulnerability found in the ASUS Live Update utility due to a supply chain compromise [1][3].

Here's what is known about its exploitation:

  • Affected Applications/Services: ASUS Live Update utility [1][3].
  • Active Exploitation: There is evidence of active exploitation of this vulnerability [3][5].
  • Attack Vectors/Exploitation Methods: The vulnerability was introduced via a supply chain compromise, with unauthorized modifications embedded in distributed installer/update packages [4]. Exploitation could allow attackers to perform unintended actions on affected devices that meet specific targeting conditions [1][2].
  • Targeted Attacks: While not explicitly stated, the compromise suggests potential for targeted attacks, as the malicious code could be designed to affect specific systems or users [2].
  • CISA KEV Status: CISA has added CVE-2025-59374 to its Known Exploited Vulnerabilities (KEV) catalog [6][7]. This means that CISA has evidence that the vulnerability is being actively exploited in the wild and requires remediation.
  • Technical Details/Internet Exploitability: The vulnerability has a CVSS score of 9.3, indicating its severity [1][3]. The malicious code is embedded, and if certain conditions are met, affected devices could be abused to perform unintended actions [1][2].

Sources

  1. CISA Warns of Exploited Flaw in Asus Update Tool - SecurityWeek

    CISA KEV. The US cybersecurity agency CISA on Wednesday warned that hackers have been exploiting a critical vulnerability in the now-discontinued Asus Live Update utility. The exploited flaw is tracked as CVE-2025-59374 (CVSS score of 9.3) and is described as “an embedded malicious code vulnerabilit…

  2. CVE Record: CVE-2025-59374

    The modified builds could cause devices meeting specific targeting conditions to perform unintended actions. Only devices that met these ...Read more…

  3. CISA Flags Critical ASUS Live Update Flaw After Evidence of Active ...

    ... Security Agency (CISA) on Wednesday added a critical flaw impacting ASUS Live Update to its Known Exploited Vulnerabilities ( KEV ) catalog, citing evidence of active ... The vulnerability, tracked as CVE-2025-59374 (CVSS score: 9.3), has been described as an "embedded malicious code vulnerabili…

  4. CISA KEV Update 2025: Immediate Patch Priority for Cisco SonicWall and ...

    CVE-2025-59374 is an instance of embedded malicious code in some builds of the ASUS Live Update client — a supply-chain compromise where unauthorized modifications were introduced into distributed installer/update packages.

  5. The Hacker News | #1 Trusted Source for Cybersecurity News

    The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical flaw impacting ASUS Live Update to its Known Exploited Vulnerabilities ( KEV ) catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2025-59374 (CVSS score: 9.3), has been desc…

Generated by PatchNow Intelligence System

Analysis based on CIRCL.LU data, Claude AI assessment, and MITRE ATT&CK framework

📄 Download JSON Data | 📡 RSS Feed