Security Advisory

CVE-2025-14252

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-12-16 05:19:54

Last updated 2026-01-07 15:06:49

Assigner TXOne

State PUBLISHED

Description

An Improper Access Control vulnerability in Advantech SUSI driver (susi.sys) allows attackers to read/write arbitrary memory, I/O ports, and MSRs, resulting in privilege escalation, arbitrary code execution, and information disclosure. This issue affects Advantech SUSI: 5.0.24335 and prior.

← Browse all CVEs View on cve.org ↗