Latest CEVs regarding Asus routers, and what exactly is affected ?

[iFrogMac]

Hey all,
I listen to the Security Now podcast, and on this week's Episode Steve mentioned a 9.8 rated CEV targeting Asus routers. I'll have to go back and listen to the podcast again once it posts, as I like to watch it live.
What I'm curious about is, what all do these vulnerabilities affect and do I need to be concerned as a single home user.? I have checked at least once a week for firmware updates, and I'm still on the latest.

Again my model is RT-AX86U.

P.s. I haven't had any issues with functionality, or stability. However, when I hear about security risks, I like to check them out to see if I need to adjust anything in my setup.

 

[Tech9]

Just stop worrying about things outside of your control.

 

[iFrogMac]

Just stop worrying about things outside of your control.

I'm not worried, i simply came to get more info on things to see if i needed to be aware of anything that I may not have paid attention to. That's why I watch Security Now, to stay informed.

 

[KevTech]

Sometimes these places are reporting things that Asus has already patched.

 

[iFrogMac]

Sometimes these places are reporting things that Asus has already patched.

Right, that's why I asked as I haven't seen any recent reports and I know sometimes Steve though with a good track record has reported on slightly older stories. Again though, it's always good to make sure I have updated info.

 

[bennor]

I listen to the Security Now podcast, and on this week's Episode Steve mentioned a 9.8 rated CEV targeting Asus routers.

What was the CVE they mentioned? If it was CVE-2024-3080 then it's already been patched by Asus earlier this year and there have already been a number of past posts/discussions about CVE-2024-3080 here. Just a couple of the past discussions:

ASUS Security Issues

I came across these today.

www.snbforums.com

Is this a concern for those of us using Merlin firmware? (CVE-2024-3080)

Is this a concern for those of us using Merlin firmware? ASUS has released a new firmware update that addresses a vulnerability impacting seven router models that allow remote attackers to log in to devices. The flaw, tracked as CVE-2024-3080 (CVSS v3.1 score: 9.8 “critical”), is an...

www.snbforums.com

ASUS Product Security Advisory | ASUS Global

www.asus.com

06/14/2024 XT8, XT8_V2, RT-AX88U, RT-AX58U, RT-AX57, RT-AC86U, RT-AC68U security update notice for CVE-2024-3079 and CVE-2024-3080

ASUS has released a new firmware update for the XT8, XT8_V2, RT-AX88U, RT-AX58U, RT-AX57, RT-AC86U, RT-AC68U

We advise you to check your equipment and security procedures regularly, as this will make you safer. As a user of an ASUS router, we recommend doing the following steps:
• Update your router with the newest firmware. We encourage you to do this when new firmware becomes available. You can find the newest firmware on the ASUS support page at
https://www.asus.com/support/ or the relevant product page at
https://www.asus.com/Networking/. ASUS has provided a link to new firmware for some routers at the end of this notice.
• Use different passwords for your wireless network and router-administration page. Use passwords that have at least 10 characters, with a mix of capital letters, numbers and symbols. Do not use the same password for more than one device or service.

If you are not able to update the firmware quickly, please make sure that both your login and WiFi passwords are strong. It is recommended (1) disable any services that can be reached from the internet, such as remote access from WAN, port forwarding, DDNS, VPN server, DMZ, port trigger. (2) passwords have more than 10 characters with a variety of capitalized letters, numbers, and special characters to increase the security level of your devices. Do not use passwords with consecutive numbers or letters, such as 1234567890, abcdefghij, or qwertyuiop."

(See the Asus product security link for more.)

 

[iFrogMac]

What was the CVE they mentioned? If it was CVE-2024-3080 then it's already been patched by Asus earlier this year and there have already been a number of past posts/discussions about CVE-2024-3080 here. Just a couple of the past discussions:

ASUS Security Issues

I came across these today.

www.snbforums.com

Is this a concern for those of us using Merlin firmware? (CVE-2024-3080)

Is this a concern for those of us using Merlin firmware? ASUS has released a new firmware update that addresses a vulnerability impacting seven router models that allow remote attackers to log in to devices. The flaw, tracked as CVE-2024-3080 (CVSS v3.1 score: 9.8 “critical”), is an...

www.snbforums.com

ASUS Product Security Advisory | ASUS Global

www.asus.com

(See the Asus product security link for more.)

Thank you for the info. I, as I said, need to go back and listen to it again after Twit Posts the security Now episode. Then I'll come back here and reference the links provided, and confirm the above mentioned, or if it's something different.

 

[iFrogMac]

@bennor Hi, went back and referenced the links you posted after going to the Asus section of the episode of Security Now. Sounds like he was referring to the issue where people could take over the router if a public port was opened such as a media server. I'm also guessing it's related to the built in server function of the router too. Not something like Plex, etc as I've never had issues with those. I used to have remote access for Plex on, but turned it off as I never needed it. So, it's local only. With this said, it sounds like, while it was a good idea to just double check. These are the issues already fixed, or if any still exist they don't apply to my particular setup.

I've pretty much set up my router, and have just left it alone, and it's been fine.