TXOne Networks
Hero background

CVE-2025-14252

Last Updated: December 16, 2025

Advantech SUSI Driver Improper Access Control Vulnerability

CVE IDCVE-2025-14252
SeverityHigh
Affected VendorsAdvantech
Affected ProductsAdvantech SUSI 5.0.24335 and prior
Vulnerability DetailsAn Improper Access Control vulnerability in Advantech SUSI driver (susi.sys) allows attackers to read/write arbitrary memory, I/O ports, and MSRs, resulting in privilege escalation, arbitrary code execution, and information disclosure. This issue affects Advantech SUSI: 5.0.24335 and prior.
Solutions & RulesFixed in Advantech SUSI version 5.0.24336
CreditJason Huang of TXOne Networks

Questions About This Advisory?

Our PSIRT team is here to help with security-related inquiries.

security@txone.com