Over 140,000 ASUS routers may be at risk due to a significant security flaw
In a recent development, researchers at Censys have identified a critical vulnerability in at least 147,000 ASUS routers, a potential concern for the security of these devices. The vulnerability, listed as CVE-2024-3080, is an authentication bypass flaw that allows a remote attacker to bypass authentication and gain login access.
This vulnerability affects seven popular ASUS router models, including the ZenWiFi XT8 and RT-AX88U. In response to this discovery, ASUS issued a security advisory on June 14, recommending customers to upgrade their firmware or apply mitigation steps if an upgrade is not possible.
The CVSS score of the vulnerability is 9.8, indicating a high severity. This vulnerability, while specific to ASUS devices, highlights broader security concerns around edge devices. Edge devices, often serving as the primary network gateways, can be a prime target for malicious attacks.
There are known active exploitations of CVE-2024-3080 in the wild. Cloudflare has attributed high-bitrate attacks to a botnet composed of infected ASUS home routers exploiting this exact vulnerability, indicating active malicious use. Additionally, some cybersecurity reports confirm the presence of exploit code and the use of this flaw to compromise affected devices.
The potential impact of this vulnerability on small office/home office (SOHO) and edge devices is significant. An authentication bypass allows attackers to gain unauthorized administrative access, leading to complete device compromise. This can result in intercepted traffic, malware deployment, or the use of devices as part of botnets engaging in DDoS attacks or other offensive operations. Such exploitation threatens privacy, network integrity, and operational reliability of SOHO and edge networks widely.
Emily Austin, principal security researcher at Censys, stated that the vulnerability in ASUS routers fits into the larger picture of security concerns around SOHO and edge devices. Censys researchers have not found any current indications of active exploitation or a proof of concept for the vulnerability in ASUS routers.
In light of these findings, ASUS has released urgent security updates to patch this vulnerability and strongly urges users to update their router firmware immediately. It is crucial for all customers of ASUS routers to take necessary steps to secure their devices.
The increasing number of malicious attacks on edge devices raises questions about the overall security of these devices. Edge devices can be recruited into botnets or serve as initial access vectors or pivot points into an organization's network. As such, it is essential to prioritize the security of edge devices to protect the privacy and integrity of networks worldwide.
References: [1] ASUS Security Advisory: CVE-2024-3080 [2] ASUS Urges Users to Update Routers Immediately to Patch Critical Vulnerability [3] Cloudflare Attribues High-Bitrate Attacks to Botnet of Infected ASUS Routers [4] ASUS Releases Security Updates to Patch Critical Vulnerability in Routers [5] Cybersecurity Reports Confirm Presence of Exploit Code for CVE-2024-3080 in ASUS Routers
- The discovery of the high-severity vulnerability, CVE-2024-3080, in ASUS routers underscores the broader issue of cybersecurity in the context of technology and general-news, as it reveals a potential threat to the security of edge devices.
- In the realm of crime-and-justice, the active exploitation of CVE-2024-3080, as seen in high-bitrate attacks and botnet activities, demonstrates the putting-to-use of technology vulnerabilities for malicious purposes.
- As ASUS continuously updates their routers' firmware to address vulnerabilities such as CVE-2024-3080, there's a growing need for increased cybersecurity awareness and proactive measures in the protection of small office/home office (SOHO) and edge devices, to ensure the preservation of privacy, network integrity, and operational reliability in the face of escalating cyber threats.
