CVE-2025-14252

High CVSS: 8.5

An Improper Access Control vulnerability in Advantech SUSI driver (susi.sys) allows attackers to read/write arbitrary memory, I/O ports, and MSRs, resulting in privilege escalation, arbitrary code execution, and information disclosure. This issue affects Advantech SUSI: 5.0.24335 and prior.

Vendor

Product

CWE

CWE-269

Yayın Tarihi

2025-12-16 06:15:42

Güncelleme

2026-01-07 15:15:44

Source Identifier

3ad20294-822c-4ebc-9301-f9a7cf62d46e

KEV Date Added

Kategoriler

CWE-269 HIGH 2025

Referanslar

https://www.txone.com/psirt/advisories/CVE-2025-14252