CVE-2025-59373

Vulnerability Description

A local privilege escalation vulnerability exists in the restore mechanism of ASUS System Control Interface. It can be triggered when an unprivileged actor copies files without proper validation into protected system paths, potentially leading to arbitrary files being executed as SYSTEM. For more information, please refer to section Security Update for MyASUS in the ASUS Security Advisory.

Related Weaknesses (CWE)

CWE-732

References

https://www.asus.com/content/security-advisory/

FAQ

What is CVE-2025-59373?

CVE-2025-59373 is a documented vulnerability. A local privilege escalation vulnerability exists in the restore mechanism of ASUS System Control Interface. It can be triggered when an unprivileged actor copies files without proper validation ...

How severe is CVE-2025-59373?

CVSS scoring is not yet available for CVE-2025-59373. Check NVD for updates.

Is there a patch for CVE-2025-59373?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.