
CISA Adds ASUS Embedded Malicious Code Vulnerability to KEV List Following Active Exploitation

CISA has added a new ASUS vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, signaling urgent risk for affected users and organizations.

The flaw, tracked as CVE-2025-59374, affects ASUS Live Update, a utility commonly used to deliver firmware and software updates to ASUS devices.

According to the advisory, specific ASUS Live Update clients were distributed with embedded malicious code after attackers introduced unauthorized modifications through a supply chain compromise.

These modified builds can cause devices that meet specific targeting conditions to perform unintended actions.

| Attribute | Details |
|---|---|
| CVE ID | CVE-2025-59374 |
| Affected Product | ASUS Live Update |
| Vulnerability Type | Embedded Malicious Code |
| Related CWE | CWE-506 |
| Attack Vector | Supply Chain Compromise |
| Impact | Unintended device actions, potential malware deployment |
| Product Status | End-of-Life (EoL) / End-of-Service (EoS) |

The modified builds could potentially allow attackers to gain control, deploy malware, or further compromise victim environments.

The exact targeting logic has not been publicly detailed. However, the presence of tailored conditions suggests a focused and potentially advanced campaign.

CISA notes that the impacted product may already be end-of-life (EoL) or end-of-service (EoS). This increases risk because such products often no longer receive security updates.

As a result, the agency advises users and organizations to discontinue use of the product if effective mitigations are not available.

The vulnerability is associated with CWE-506 (Embedded Malicious Code), a weakness category that covers scenarios where malicious content is inserted into otherwise legitimate software.


This kind of supply chain compromise is hazardous because it abuses trust in vendor update mechanisms and can scale quickly across many systems.

It is currently unknown whether CVE-2025-59374 is being used in ransomware campaigns. Its inclusion in the KEV catalog means active exploitation has been observed in the wild.

CISA requires U.S. federal civilian agencies to apply vendor mitigations or discontinue use by January 7, 2026, and strongly urges all other organizations to follow the same guidance.

Security teams should immediately review their environments for affected ASUS Live Update deployments and apply any available vendor fixes. When mitigations are not feasible, remove or replace affected software as quickly as possible.
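
The review described above can be scripted against a software inventory export. The following is an added example, not code from the article or from CISA: the record uses the field names of CISA's KEV JSON feed with the values stated in this article, while the vendor/product split, the hostnames and the inventory rows are constructed, and matching is by product name only because the article gives no affected version numbers.

```python
import json
from datetime import date

# Constructed record: field names follow CISA's KEV JSON feed, values are the
# ones stated in the article. The vendor/product split is an assumption.
KEV_JSON = """
{"vulnerabilities": [{
  "cveID": "CVE-2025-59374",
  "vendorProject": "ASUS",
  "product": "Live Update",
  "cwes": ["CWE-506"],
  "dueDate": "2026-01-07",
  "knownRansomwareCampaignUse": "Unknown"
}]}
"""

# Constructed inventory export: (hostname, installed-software display name).
INVENTORY = [
    ("ws-014", "ASUS Live Update"),
    ("ws-022", "Contoso Notes 2.1"),
    ("lab-03", "asus live update"),
]


def triage(kev_json, inventory, today):
    """Return one finding per host running a product named in a KEV entry."""
    findings = []
    for vuln in json.loads(kev_json)["vulnerabilities"]:
        # Name-only match: the article lists no affected version numbers.
        needle = f"{vuln['vendorProject']} {vuln['product']}".casefold()
        days_left = (date.fromisoformat(vuln["dueDate"]) - today).days
        for host, name in inventory:
            if needle in name.casefold():
                findings.append({
                    "host": host,
                    "cve": vuln["cveID"],
                    "due": vuln["dueDate"],
                    "days_left": days_left,
                    "status": "overdue" if days_left < 0 else "due",
                    "ransomware_use": vuln["knownRansomwareCampaignUse"],
                })
    return sorted(findings, key=lambda f: f["host"])


if __name__ == "__main__":
    for finding in triage(KEV_JSON, INVENTORY, date.today()):
        print(finding)
```

Because the product is reported as EoL/EoS, every matching host is a candidate for removal or replacement rather than patching.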


The post CISA Adds ASUS Embedded Malicious Code Vulnerability to KEV List Following Active Exploitation appeared first on Cyber Security News.
