ASUS Issues Urgent Firmware Updates to Fix Critical Router Vulnerabilities; Users Advised to Act Now
June 17, 2024ASUS has released firmware updates for several router models to address critical security vulnerabilities.
Affected models include RT-AC68U, RT-AC86U, RT-AX57, RT-AX58U, RT-AX88U, XT8_V2, and XT8.
CVE-2024-3080 could allow remote attackers to take control of the router.
CVE-2024-3079 requires admin rights to exploit.
Users are advised to update their devices, use strong passwords, disable remote access, and limit access to selected accounts for security.
Unsupported models such as DSL-N10_C1 and DSL-N10_D1 are vulnerable to CVE-2024-3912, which allows malicious firmware upload.
Updating to the latest firmware versions is crucial to protect against these vulnerabilities.
Taiwan's CERT has highlighted an additional critical vulnerability for arbitrary firmware upload on certain ASUS router models.
Users of routers with Download Master utility should update to version 3.1.0.114 to address medium to high-severity security issues.
Summary based on 3 sources
Get a daily email with more Tech stories
Sources
BleepingComputer • Jun 14, 2024
ASUS warns of critical remote authentication bypass on 7 routersSecurity Affairs • Jun 16, 2024
ASUS fixed critical remote authentication bypass bug in several routers