20251218-thehackernews.com-ba520 | Perceptive Security

< Back to index

CISA Flags Critical ASUS Live Update Flaw After Evidence of Active Exploitation

Published:

18 December 2025 at 05:01:00

Alert date:

18 December 2025 at 06:01:16

Source:

thehackernews.com

Supply Chain & Dependencies, Enterprise Applications

CISA added a critical ASUS Live Update vulnerability (CVE-2025-59374) to its Known Exploited Vulnerabilities catalog due to evidence of active exploitation. The flaw has a CVSS score of 9.3 and is described as an embedded malicious code vulnerability that was introduced through a supply chain compromise. This represents a significant security risk as it affects ASUS Live Update software and is being actively exploited in the wild.

Technical details

ASUS Live Update client was compromised through a supply chain attack where unauthorized modifications were introduced. The modified builds contained embedded malicious code that could cause devices meeting specific targeting conditions to perform unintended actions. The attack used a hard-coded list of more than 600 unique MAC addresses to surgically target specific users. Only devices that met the targeting conditions and installed the compromised versions were affected. The attack occurred between June and November 2018.

Mitigation steps:

Update ASUS Live Update to version 3.6.8 or higher
Federal Civilian Executive Branch (FCEB) agencies should discontinue use of the tool by January 7, 2026
Note that ASUS Live Update reached end-of-support (EOS) as of December 4, 2025

Affected products:

ASUS Live Update (compromised versions
fixed in version 3.6.8
last version 3.6.15)