The Download
ASUS, a manufacturer of Internet routers, announced patches for critical vulnerability CVE-2024-3080 rated 9.8/10 that allows remote attackers to bypass authentication and take control of the router device. These vulnerabilities affect seven different router models ASUS manufactures and require a firmware update to patch the vulnerability.
Internet facing routers are the front door from your network to the Internet. As such they are the primary attack surface from the public facing Internet. An authentication bypass vulnerability means an arbitrary hacker from the Internet can seize control of your router and Internet traffic. This is an extremely severe vulnerability on your network if you run an affected ASUS router.
What You Can Do
First, you will need to know if you are running an affected ASUS router. The NIST CSF category Identify directs the first thing you must do: know what's on your network and what then what that attack surface is. Next, if you have an affected ASUS router, there are several mitigation strategies suggested in the linked article, however, patching the firmware should be the highest priority.
To Learn More:
Comments