Priya Patel
TLDR:
- ASUS released patches for an authentication bypass vulnerability affecting multiple router models.
- The vulnerability allows hackers to remotely take control of the devices without any input from end users.
ASUS has addressed a critical flaw in multiple router models that allows remote takeovers by threat actors without authentication. The vulnerability, CVE-2024-3080, has a severity rating of 9.8 out of 10 and impacts models such as the XT8, RT-AX58U, and RT-AC68U. The Taiwan Computer Emergency Response Team issued recommendations to replace affected devices. Two other vulnerabilities, CVE-2024-3079 and CVE-2024-3912, were also identified, prompting ASUS to release security patches and advise users to ensure strong passwords and limit internet-accessible services.
Full Article:
ASUS has released patches for a critical flaw in multiple router models that allows threat actors to remotely take control of the devices. The vulnerability, CVE-2024-3080, allows hackers to circumvent authentication procedures without any input from the end users. Following the discovery, the Taiwan Computer Emergency Response Team / Coordination Center (TWCERT/CC) has recommended that owners of affected devices replace them. The vulnerability, CVE-2024-3080, is an authentication bypass flaw that allows attackers to log in remotely, circumventing authentication measures. It carries a 9.8 out of 10 severity rating and affects multiple router models, including the XT8 and XT8 V2, RT-AX58U, RT-AX57, RT-AX88U, RT-AC86U, and RT-AC68U.
The TWCERT/CC also warned of two other vulnerabilities affecting ASUS routers, the CVE-2024-3079 and the CVE-2024-3912, which are a buffer overflow vulnerability and remote command execution flaw, respectively. The latter affects the DSL-N12U C1, DSL-N12U D1, DSL-N14U, DSL-N14U B1, DSL-N16, DSL-N17U, DSL-N55U C1, DSL-N55U D1, DSL-N66U, DSL-AC51/DSL-AC750, DSL-AC52U, DSL-AC55U, and DSL-AC56U models. ASUS has released security patches for these flaws and urged device owners to check for the latest firmware.
Users are also recommended to set strong, unique passwords for router administration pages and wireless networks, while cutting services accessible via the internet, such as WAN remote access, port forwarding and trigger, VPN, and DDNS. The vulnerabilities’ discovery revealed hackers’ increased use of routers to obfuscate their trails, especially with the larger resources of nation-state actors, and the need for measures to mitigate such threats.
