The United States Cybersecurity and Infrastructure Security Agency added a critical vulnerability affecting the ASUS Live Update utility to its Known Exploited Vulnerabilities catalog after evidence of active exploitation. The flaw identified as CVE 2025 59374 carries a high severity rating and stems from a supply chain compromise that affected certain Live Update builds distributed with unauthorized modifications.
ASUS Live Update is used on many ASUS systems to distribute BIOS UEFI drivers and other components. Attackers introduced malicious code into older versions of the tool via a supply chain attack that ran in 2018 as part of the Operation ShadowHammer campaign where threat actors targeted specific devices based on network adapter identifiers.
Although ASUS has released patched versions of the tool and support for ASUS Live Update has been phased out as of early December 2025 users and organisations relying on older versions should discontinue usage and apply updated tools.
Why the ASUS Live Update Vulnerability Is Serious
Supply chain attacks like this one are especially dangerous because they compromise trust in vendor update mechanisms. When attackers can insert malicious code into widely distributed update tools they can reach large populations of devices and systems. Organisations must treat supply chain compromise as a top cybersecurity risk vector.
The fact that CISA added this flaw to its Known Exploited Vulnerabilities catalog means federal agencies and critical infrastructure operators are required to address it promptly as part of compliance and risk management frameworks.
Exploitation and Impact
Threat actors could use the compromised update tool to perform unintended actions on devices that installed the tainted software. This may include downloading additional payloads altering firmware drivers or exposing system configurations. Supply chain attacks often combine malicious code with trusted vendor updates to evade detection.
This type of threat highlights the importance of secure software distribution processes rigorous code signing and independent verification of update artifacts.
Protection Strategies
Discontinue use of ASUS Live Update and install only vendor verified tools.
Validate update packages using cryptographic signatures and hashes.
Monitor supply chain sources for CVE disclosures and exploitation evidence.
Perform penetration testing that includes scenarios where vendor tools are compromised or supply chain artifacts are tampered with.
Educate security teams about supply chain based threats and remediate vulnerable utilities promptly.
By adopting these practices organisations can reduce exposure to supply chain vulnerabilities and reinforce software integrity across systems.
