exploitDog

CVE-2025-14252

Опубликовано: 16 дек. 2025

Источник: nvd

CVSS3: 7.8

EPSS Низкий

Описание

An Improper Access Control vulnerability in Advantech SUSI driver (susi.sys) allows attackers to read/write arbitrary memory, I/O ports, and MSRs, resulting in privilege escalation, arbitrary code execution, and information disclosure. This issue affects Advantech SUSI: 5.0.24335 and prior.

Ссылки

https://www.txone.com/psirt/advisories/CVE-2025-14252

EPSS

Процентиль: 2%

0.00015

Низкий

7.8 High

CVSS3

Дефекты

CWE-269

Связанные уязвимости

GHSA-fw62-2gpr-jghv

CVSS3: 7.8

github

около 2 месяцев назад

An Improper Access Control vulnerability in Advantech SUSI driver (susi.sys) allows attackers to read/write arbitrary memory, I/O ports, and MSRs, resulting in privilege escalation, arbitrary code execution, and information disclosure. This issue affects Advantech SUSI: 5.0.24335 and prior.

EPSS

Процентиль: 2%

0.00015

Низкий

7.8 High

CVSS3

Дефекты

CWE-269