ASUS has released new firmware with cumulative security updates that address vulnerabilities in multiple router models, warning customers to immediately update their devices or restrict WAN access until they're secured.
As the company explains, the newly released firmware contains fixes for nine security flaws, including high and critical ones.
The most severe of them are tracked as CVE-2022-26376 and CVE-2018-1160. The first is a critical memory corruption weakness in the Asuswrt firmware for Asus routers that could let attackers trigger denial-of-services states or gain code execution.
The other critical patch is for an almost five-year-old CVE-2018-1160 bug caused by an out-of-bounds write Netatalk weakness that can also be exploited to gain arbitrary code execution on unpatched devices.
"Please note, if you choose not to install this new firmware version, we strongly recommend disabling services accessible from the WAN side to avoid potential unwanted intrusions. These services include remote access from WAN, port forwarding, DDNS, VPN server, DMZ, port trigger," ASUS warned in a security advisory published today.
"We strongly encourage you to periodically audit both your equipment and your security procedures, as this will ensure that you will be better protected."
The list of impacted devices includes the following models: GT6, GT-AXE16000, GT-AX11000 PRO, GT-AX6000, GT-AX11000, GS-AX5400, GS-AX3000, XT9, XT8, XT8 V2, RT-AX86U PRO, RT-AX86U, RT-AX86S, RT-AX82U, RT-AX58U, RT-AX3000, TUF-AX6000, and TUF-AX5400.
Customers urged to patch immediately
ASUS warned users of impacted routers to update them to the latest firmware as soon as possible, available via the support website, each product's page, or via links provided in today's advisory.
The company also recommends creating distinct passwords for the wireless network and router administration pages of at least eight characters (combining uppercase letters, numbers, and symbols) and avoiding using the same password for multiple devices or services.
The support website also provides detailed information on updating the firmware to the latest version and the measures users can take to make their routers more secure.
ASUS' warning should be taken seriously, seeing that the company's products have been known to be targeted by botnets before.
For instance, in Mach 2022, ASUS warned of Cyclops Blink malware attacks targeting multiple ASUS router models to gain persistence and use them for remote access into compromised networks.
One month earlier, in February 2022, a joint security advisory from U.S. and U.K. cybersecurity agencies linked the Cyclops Blink botnet to the Russian military Sandworm threat group before disrupting it and preventing its use in attacks.
Comments
JamesVanderPump - 10 months ago
I urge people to stop buying Asus Routers. I have a very expensive Asus router on the shelf that no longer receives any firmware updates and due to Broadcom chipset doesn't work with OpenWrt. Even the Merlin alternative firmware is no help as it is just a bit of fine tuning of the base firmware. Compare that with a very old TP-Link router that still serves my parents with a current OpenWrt firmware release.
Dragonash - 10 months ago
Yeah. Would be nice if they actually update their firmware then? Waited 2 years for one and even that was old version comparing to others. And the router is actually on that list.
So unless you buy the top end 700€ one or RT-AX58U don't buy asus. You won't get any updates
MrDoh - 9 months ago
My "main" router is a GT-AX6000, one of the routers on the affected list. As well as the ZenWiFi XT8 mesh, an RT-AX86U and an RT-AX3000.. I'm happy with Asus firmware and the frequency of releases and fixes for the last few years. Asus releases firmware with fixes for security exploits and enhancements about every 1 - 2 months for my routers. In the notes that come with the release, they list the changes to the firmware...not all the CERTs and bugs that they fix, but the ones that are considered important are listed. The latest firmware that they've most recently released adds VLAN and other useful functionality to existing routers as well as fixing CERTs, how many router manufacturers add features after they've sold a router?
I don't know what firmware releases are out there for the other posters' Asus routers, but Asus has a good record of releasing new firmware for their routers until they've reach end-of-life (EOL).
Anyways, Asus has one of the best, if not the best, record for post-sales support of their routers . If you don't believe me, pick a current model, like the GT-AX6000 or RT-AX86U and go look at the firmware releases that are available. Asus does remove older firmware releases from their download sites to get customers to install the newest releases. so keep that in mind when checking this out.
sethmeisterg - 10 months ago
Why is this article posting this TODAY as if this is new information? The GS-AX5400, for example, has had this fix released last NOVEMBER. This is not a new fix.
name-ou812 - 10 months ago
I have an AX-82U and I dont have any problems with it.
Ory411 - 9 months ago
I think ASUS is the only one router vendor that is willing to update firmware for over 7 years, my old AC68U is still in their firmware update list until now, this is amazing as this model has been launched for many years, it's hard to find a vendor who is willing to maintain the software for such a long time, especially cyber security update is really important which prevents user being hacked, if you want to be hacked, you can buy other brands. The maintenance capability is really an important factor when purchasing electronic products, so I highly recommend ASUS. .