CVE-2025-59374 - ASUS Live Update
AI Vulnerability Context"UNSUPPORTED WHEN ASSIGNED" Certain versions of the ASUS Live Update client were distributed with unauthorized modifications introduced through a supply chain compromise. The modified builds could cause devices meeting specific targeting conditions to perform unintended actions. Only devices that met these conditions and installed the compromised versions were affected. The Live Update client has already reached E...
Overview
A source-backed snapshot of this vulnerability.
"UNSUPPORTED WHEN ASSIGNED" Certain versions of the ASUS Live Update client were distributed with unauthorized modifications introduced through a supply chain compromise. The modified builds could cause devices meeting specific targeting conditions to perform unintended actions. Only devices that met these conditions and installed the compromised versions were affected. The Live Update client has already reached End-of-Support (EOS) in October 2021, and no currently supported devices or products are affected by this issue.
Vulnerability status
How serious this vulnerability is and whether it is known to be exploited.
- CVE ID
- CVE-2025-59374
- Vendor/project
- ASUS
- Product
- Live Update
- Vulnerability name
- ASUS Live Update Embedded Malicious Code Vulnerability
- Date added
- 2025-12-17
- Due date
- 2026-01-07
- Known ransomware campaign use
- Unknown
- CVSS v3
- 9.8
- CVSS v4
- 9.3
Exploit context
What the vulnerability is about.
"UNSUPPORTED WHEN ASSIGNED" Certain versions of the ASUS Live Update client were distributed with unauthorized modifications introduced through a supply chain compromise. The modified builds could cause devices meeting specific targeting conditions to perform unintended actions. Only devices that met these conditions and installed the compromised versions were affected. The Live Update client has already reached End-of-Support (EOS) in October 2021, and no currently supported devices or products are affected by this issue.
Source evidence
Original public records and references for this page.
Original source
Original source links
Open the public records and source datasets used for this page.
