CVE-2025-59373

Published: Nov 25, 2025

Modified: Nov 25, 2025

PUBLISHED

Description

A local privilege escalation vulnerability exists in the restore mechanism of ASUS System Control Interface. It can be triggered when an unprivileged actor copies files without proper validation into protected system paths, potentially leading to arbitrary files being executed as SYSTEM. For more information, please refer to section Security Update for MyASUS in the ASUS Security Advisory.

Vendor	Product	Versions
ASUS	MyASUS	affected `0 - < 3.1.48.0`

Weaknesses (CWE)

CWE-732

References

https://www.asus.com/content/security-advisory/

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-59373

Description

Affected Products

Weaknesses (CWE)

References