CVE-2025-59374
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
"UNSUPPORTED WHEN ASSIGNED" Certain versions of the ASUS Live Update client were distributed with unauthorized modifications introduced through a supply chain compromise. The modified builds could cause devices meeting specific targeting conditions to perform unintended actions. Only devices that met these conditions and installed the compromised versions were affected. The Live Update client has already reached End-of-Support (EOS) in October 2021, and no currently supported devices or products are affected by this issue.
| CWE | CWE-506 |
| Vendor | asus |
| Product | live update |
| Published | Dec 17, 2025 |
| Last Updated | Feb 26, 2026 |
⚠️ Actively Exploited — Act Now
Get instant alerts for asus live update
This vulnerability is actively exploited in the wild. Set up free real-time alerts so you're first to know about threats like CVE-2025-59374.
Get Free Alerts →
Free · No credit card · 60 sec setup
Affected Versions
ASUS / live update
before 3.6.6