Dive Brief:
- At least 147,000 ASUS routers are potentially exposed to a critical vulnerability, which can allow a remote attacker to bypass authentication and gain login access, researchers at Censys said Thursday.
- ASUS issued a security advisory on June 14 recommending customers upgrade their firmware or apply mitigation steps if the upgrade was not possible.
- The improper authentication vulnerability, listed as CVE-2024-3080, has a CVSS score of 9.8.
Dive Insight:
The ASUS vulnerability raises more questions about the overall security of edge devices, which have become frequent targets of malicious attacks in recent years.
“While this particular vulnerability is specific to ASUS devices, it fits into the larger picture of security concerns around [small office/home office] and edge devices,” Emily Austin, principal security researcher at Censys, said via email. “These devices can be recruited into botnets or serve as initial access vectors or pivot points into an organization's network.”
A number of state-linked threat groups, including Volt Typhoon, have exploited vulnerabilities in these devices since 2023 to conduct reconnaissance and other malicious activity.
In some cases botnets have used edge devices to threaten U.S. critical infrastructure.
Censys researchers said there are no current indications of active exploitation or a proof of concept. However, Censys said the number of exposed routers was likely underestimated and may get revised upward within days.