ASUS Router AiCloud Vulnerabilities

Summary:
ASUS has released security updates to address two high severity flaws impacting several of its router models. Tracked as CVE-2024-12912 and CVE-2024-13062, the bugs could enable authenticated attackers to execute commands through the ASUS AiCloud feature, a cloud-based service that allows users to remotely access, share, and manage their data stored on ASUS routers. Specifically, the vulnerabilities impact routers running firmware versions 3.0.0.4_386, 3.0.0.4_388, and 3.0.0.6_102. While ASUS did not mention whether these flaws are actively being exploited in attacks in the wild, the vendor recommends updating to the latest firmware releases as soon as possible. Please defer to the ASUS support page below to find the newest firmware for your device model:
https://www.asus.com/support/

Security Officer Comments:
While these vulnerabilities require administrative access for successful exploitation, attackers can gain entry through credential stuffing or brute-forcing attacks, exploiting weak or commonly used passwords. Once authenticated, attackers could execute malicious commands, effectively compromising the router and the network. This could grant them access to sensitive data, enable them to reconfigure settings, and even integrate the router into a botnet, using it as a launching pad for further attacks on other systems or networks.

Suggested Corrections:
To mitigate the risk, ASUS recommends users take the following steps:

  • Update router firmware promptly when new versions become available. Users can find the latest firmware on the ASUS support page or their product’s specific page on the ASUS website.
  • Implement strong, unique passwords for both the wireless network and router administration page. Passwords should be at least 10 characters long and include a mix of uppercase and lowercase letters, numbers, and symbols. ASUS emphasizes avoiding sequential numbers or letters in passwords, such as “1234567890” or “abcdefghij”.
  • Enable password protection within the AiCloud service.
  • For users unable to update immediately or those with end-of-life routers running 3.0.0.4_382 firmware, ASUS advises:– Ensuring both login and WiFi passwords are strong– Disabling services accessible from the internet, such as remote access, port forwarding, DDNS, VPN server, DMZ, and FTP

Link(s):
https://www.asus.com/content/asus-product-security-advisory/


https://cybersecuritynews.com/asus-router-vulnerabilities/

Contact Us for Threat Assistance Back to Current Threats

Just Starting?



Contact LACyber for More Info

Form Temporarily Disabled
Please Call 716 871-7040 for Service


Current Active Cyber Threats