216.73.216.170

CVE-2025-14252

· Published 16/12/2025 06:15 · Modified 16/12/2025 14:10

Labels: CVE-2025-14252 2025-12-163ad20294-822c-4ebc-9301-f9a7cf62d46eCVE-2025-14252

Essential information

Published
16/12/2025 06:15
Modified
16/12/2025 14:10
Author
Creator
CVSS
8.5 HIGH (v3) 8.5 HIGH (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

An Improper Access Control vulnerability in Advantech SUSI driver (susi.sys) allows attackers to read/write arbitrary memory, I/O ports, and MSRs, resulting in privilege escalation, arbitrary code execution, and information disclosure. This issue affects Advantech SUSI: 5.0.24335 and prior.

NVD status

Status
Awaiting Analysis — CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.
Source
3ad20294-822c-4ebc-9301-f9a7cf62d46e
NVD
View on NVD

References