CVE-2025-59374 is a critical vulnerability classified under CWE-506, which pertains to embedded malicious code. The vulnerability stems from a supply chain compromise affecting certain versions of the ASUS Live Update client software prior to version 3.6.6. During the build or distribution process, unauthorized modifications were introduced, embedding malicious code within the software. This malicious code can cause affected devices that meet specific targeting conditions to execute unintended and potentially harmful actions without requiring any user interaction, privileges, or authentication. The vulnerability has a CVSS 4.0 base score of 9.3, indicating a critical severity due to its network attack vector, low attack complexity, and no required privileges or user interaction. The impact covers confidentiality, integrity, and availability, with high potential for damage. Importantly, the ASUS Live Update client reached End-of-Support in October 2021, meaning no currently supported ASUS devices are affected. No patches or updates are available, and no known exploits have been reported in the wild. The threat primarily concerns legacy ASUS devices still running outdated versions of the Live Update client, which may be present in some enterprise environments. The supply chain nature of the compromise highlights risks in software distribution and update mechanisms, emphasizing the need for supply chain security vigilance.

For European organizations, the impact of CVE-2025-59374 can be significant if legacy ASUS devices with outdated Live Update clients are in use, especially within critical infrastructure, government, or large enterprises. The embedded malicious code could lead to unauthorized remote code execution, data exfiltration, system manipulation, or denial of service, compromising confidentiality, integrity, and availability of affected systems. Given the vulnerability requires no privileges or user interaction, exploitation could be automated and widespread within vulnerable environments. The lack of patches and the EOS status of the software complicate remediation, potentially leaving some organizations exposed if they continue to rely on legacy ASUS hardware. This could result in operational disruptions, data breaches, and reputational damage. Additionally, the supply chain compromise aspect raises concerns about trust in software updates and the potential for similar attacks on other vendors, increasing overall risk awareness in Europe.

1. Identify and inventory all ASUS devices within the organization, focusing on those running the ASUS Live Update client prior to version 3.6.6. 2. Where possible, uninstall the ASUS Live Update client from legacy devices or disable its automatic update functionality to prevent execution of compromised code. 3. For devices that cannot remove the client, isolate them within segmented network zones to limit exposure and monitor network traffic for suspicious activity. 4. Conduct thorough forensic analysis and endpoint detection to identify any signs of compromise linked to this vulnerability. 5. Implement strict supply chain security policies, including verifying software integrity and authenticity before deployment. 6. Educate IT and security teams about the risks of using unsupported software and the importance of timely upgrades or hardware replacement. 7. Engage with ASUS or authorized partners to seek guidance on legacy device management and potential mitigation tools. 8. Enhance network monitoring and intrusion detection systems to detect unusual behaviors indicative of exploitation attempts. 9. Develop incident response plans tailored to supply chain compromise scenarios to ensure rapid containment and recovery.