ASUS has recently deployed critical software updates aimed at rectifying a significant security vulnerability that affects its routers. This flaw poses a serious risk as it could potentially allow malicious actors to bypass authentication protocols, thereby gaining unauthorized access to devices. The vulnerability, identified as CVE-2024-3080, has been assigned a CVSS score of 9.8 out of 10, indicating a grave risk level.
According to a report from the Taiwan Computer Emergency Response Team (TWCERT/CC), certain models of ASUS routers are susceptible to this authentication bypass vulnerability. The implications of such a vulnerability are severe, as it could enable remote attackers to log into the affected devices without proper authentication.
In addition to the authentication vulnerability, ASUS has addressed a high-severity buffer overflow issue, tracked as CVE-2024-3079, which has a CVSS score of 7.2. This flaw can be exploited by attackers who possess administrative privileges, granting them the ability to execute arbitrary commands on the affected devices. Both vulnerabilities represent serious threats to cybersecurity, particularly as they can be combined in an attack scenario to enable unauthorized access and execution of malicious code.
The vulnerable ASUS products include multiple models of routers, such as the ZenWiFi XT8, RT-AX88U, and others. Each model and its associated firmware version is specified, highlighting the need for affected users to update to the latest firmware to mitigate potential threats.
Earlier this year in January, ASUS responded to another critical vulnerability classified as CVE-2024-3912, which also had a CVSS score of 9.8. This specific vulnerability allowed unauthenticated remote attackers to upload files and execute system commands, further emphasizing the ongoing security challenges faced by ASUS products.
As of June 20, 2024, Censys reported that there are over 147,000 ASUS routers exposed to the CVE-2024-3080 vulnerability, a figure they suggest could be an underrepresentation. This situation underscores the urgency for users to ensure their devices are updated and fortified against potential exploitation.
The vulnerabilities identified within ASUS routers demonstrate tactics that could align with various stages outlined in the MITRE ATT&CK framework, including initial access and privilege escalation. The exploitability of these flaws suggests a need for robust cybersecurity practices, particularly for businesses relying on these devices.
In light of these incidents, it is critical for businesses using ASUS routers to implement necessary updates and remain vigilant about emerging threats, reinforcing their overall cybersecurity posture.
