Man-in-the-Middle Vulnerability in ADM by Asustor NAS Devices
CVE-2025-13053

7HIGH

Key Information:

Vendor: Asustor
Status: Adm
Vendor: CVE Published:; 12 December 2025

What is CVE-2025-13053?

This vulnerability occurs in Asustor's ADM software when it is configured to manage UPS devices. The lack of enforced TLS certificate verification allows attackers to potentially intercept communication between the client and UPS server. By exploiting this weakness, an attacker can conduct a man-in-the-middle attack, gaining unauthorized access to sensitive UPS server configuration data. Users of affected ADM versions should take immediate action to secure their systems and follow vendor advisories.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

ADM Linux 4.1.0 <= 4.3.3.RKD2

ADM Linux 5.0.0 <= 5.1.0.RN42

References

https://www.asustor.com/security/security_advisory_detail...

vendor-advisory

CVSS V4

Score:

Severity:

HIGH

Confidentiality:

Low

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Timeline

Vulnerability published
Dec 12, 2025
Vulnerability Reserved
Nov 12, 2025

Credit

Nuke

JSON

Asustor

What is CVE-2025-13053?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V4

Timeline

Credit

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.