Technology

Asus patches serious security flaw across multiple routers — update now if you have any of these models

June 17, 2024

Asus has rolled out a critical firmware update to patch a severe vulnerability affecting seven of its business router models, urging customers and users to check their firmware status and apply the update accordingly.

The flaw, identified as CVE-2024-3080 with a VCSS v3.1 score of 9.8, is an authentication bypass vulnerability that allows unauthenticated remote attackers to gain control of the device.

The affected routers, a series of XT8 and RT models, should now be checked for firmware updates in order to prevent unwarranted access and to ensure optimal protection.

Asus patches seven router models

The models affected include the following Wi-Fi 5 and Wi-Fi 6 models: XT8 (ZenWiFi AX XT8), XT8_V2 (ZenWiFi AX XT8 V2), RT-AX88U, RT-AX58U, RT-AX57, RT-AC86U, and RT-AC68U.

The latest Asus firmware versions are available on its download portals; however, for users unable to update immediately, Asus has also provided a set of instructions and guidance to improve protection, noting users should opt for strong passwords and disable internet access to the admin panel, remote access from WAN, port forwarding, DDNS, VPN server, DMZ, and port trigger.

In the same update package, Asus also addresses CVE-2024-3079, a high-severity buffer overflow vulnerability that requires admin account access to exploit. It was awarded a CVSS score of 7.2.

Yet another vulnerability, tracked as CVE-2024-3912, has been identified. With a CVSS score of 9.8, it allows unauthenticated remote attackers to execute system commands. However, not all routers will be eligible for the update due to end-of-life status.

Though the company’s routers often make it into the news for security fixes and firmware updates, it’s clear that the company remains committed to protecting its users in a timely manner. However, with sunsetted devices no longer receiving updates, this news serves as an important reminder not only to ensure that firmware and software updates are applied in due time, but that users replace their devices regularly in order to keep up with an evolving tech and threat landscape.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

LEAVE A REPLY Cancel reply

EDITOR PICKS

POPULAR POSTS

QUICK LINKS

ABOUT US

FOLLOW US

Cookie bar