Asus has rolled out a critical firmware update to fix a serious vulnerability affecting seven of its business router models. It urges customers and users to check their firmware status and apply the update accordingly.
The flaw, identified as CVE-2024-3080 with a VCSS v3.1 score of 9.8, is an authentication bypass vulnerability that could allow unauthenticated remote attackers to gain control of the device.
The affected routers, a range of XT8 and RT models, should now be checked for firmware updates to prevent unwarranted access and ensure optimal protection.
Asus patches seven router models
Affected models include the following Wi-Fi 5 and Wi-Fi 6 models: XT8 (ZenWiFi AX XT8), XT8_V2 (ZenWiFi AX XT8 V2), RT-AX88U, RT-AX58U, RT-AX57, RT-AC86U and RT-AC68U.
The latest Asus firmware versions are available on the download portals; However, for users who cannot update immediately, Asus has also provided a series of instructions and guidelines to improve protection, requiring users to opt for strong passwords and disable Internet access to the admin panel, remote access from WAN, port forwarding, DDNS, VPN server, DMZ and port trigger.
In the same update package, Asus also addresses CVE-2024-3079, a high-severity buffer overflow vulnerability that requires administrative account access to be exploited. It received a CVSS score of 7.2.
Another vulnerability has been identified, tracked as CVE-2024-3912. A CVSS score of 9.8 allows unauthenticated remote attackers to execute system commands. However, not all routers are eligible for the update due to their end-of-life status.
While the company’s routers are often in the news for security fixes and firmware updates, it is clear that the company remains committed to protecting its users in a timely manner. However, with legacy devices no longer receiving updates, this news not only serves as an important reminder to ensure that firmware and software updates are applied in a timely manner, but that users replace their devices regularly to keep up with evolving technology and threats . landscape.