Asus patches serious security flaw across multiple routers — update now if you have any of these models

The affected routers, a series of XT8 and RT models, should now be checked for firmware updates in order to prevent unwarranted access and to ensure optimal protection.

Asus patches seven router models

The models affected include the following Wi-Fi 5 and Wi-Fi 6 models: XT8 (ZenWiFi AX XT8), XT8_V2 (ZenWiFi AX XT8 V2), RT-AX88U, RT-AX58U, RT-AX57, RT-AC86U, and RT-AC68U.

The latest Asus firmware versions are available on its download portals; however, for users unable to update immediately, Asus has also provided a set of instructions and guidance to improve protection, noting users should opt for strong passwords and disable internet access to the admin panel, remote access from WAN, port forwarding, DDNS, VPN server, DMZ, and port trigger.

In the same update package, Asus also addresses CVE-2024-3079, a high-severity buffer overflow vulnerability that requires admin account access to exploit. It was awarded a CVSS score of 7.2.

Yet another vulnerability, tracked as CVE-2024-3912, has been identified. With a CVSS score of 9.8, it allows unauthenticated remote attackers to execute system commands. However, not all routers will be eligible for the update due to end-of-life status.

Though the company’s routers often make it into the news for security fixes and firmware updates, it’s clear that the company remains committed to protecting its users in a timely manner. However, with sunsetted devices no longer receiving updates, this news serves as an important reminder not only to ensure that firmware and software updates are applied in due time, but that users replace their devices regularly in order to keep up with an evolving tech and threat landscape. 

More from TechRadar Pro

• We’ve rounded up the best firewalls and best VPNs
• Check out the best Wi-Fi routers to maximize your broadband connection 
• Top ASUS routers have serious security flaws that could let hackers hijack your device