Unrated severityCISA KEVNVD Advisory· Published Dec 17, 2025· Updated Feb 26, 2026

CVE-2025-59374

Description

"UNSUPPORTED WHEN ASSIGNED" Certain versions of the ASUS Live Update client were distributed with unauthorized modifications introduced through a supply chain compromise. The modified builds could cause devices meeting specific targeting conditions to perform unintended actions. Only devices that met these conditions and installed the compromised versions were affected. The Live Update client has already reached End-of-Support (EOS) in October 2021, and no currently supported devices or products are affected by this issue.

Affected products

ASUS/live updatev5
Range: before 3.6.6

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.asus.com/news/hqfgvuyz6uyayje1/mitrevendor-advisory

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.017
exploit	0.000
kev	0.120
patch	0.000
ransomware	0.000