If the conditions are right, malicious code can get onto Asus routers

Two security vulnerabilities in the AiCloud service of Asus routers can allow attackers to access devices. In the worst case, they can completely compromise routers through malicious code attacks.

The security problem

The AiCloud component allows owners of Asus routers to access data from a connected USB stick while on the move. Two vulnerabilities (CVE-2024-12912"high", CVE-2024-13062"high") now jeopardize the security of networks.

In the security section of the Asus website, the developers describe that attackers must be logged in as an admin to carry out a successful attack. If this is the case, they can execute their own commands. How such an attack could work in detail is not yet known. There is currently no information on whether attacks have already been carried out.

Protecting devices

Asus claims to have solved the security problems in the firmwares 3.0.0.4_386 series, 3.0.0.4_388 series and 3.0.0.6_102 series. The manufacturer is not currently specifying which router models are affected. Anyone who owns an Asus router should therefore ensure that the firmware is up to date. Devices that are no longer supported will no longer receive security updates. At this point, the device should be replaced.

To protect routers in general, owners must use strong Wi-Fi passwords. In addition, devices should only be accessible via the Internet when absolutely necessary. If this cannot be avoided, connections should ideally be established via encrypted VPN tunnels. Asus also recommends activating AiCloud password protection.

(des)