- ASUS patches CVE-2025-593656, a critical authentication-bypass flaw in AiCloud-enabled routers
- Vulnerability allows unauthenticated RCE; users urged to update firmware or disable risky services
- Update fixed nine flaws overall, highlighting routers as prime cyberattack targets
Asus has patched a critical-level vulnerability in its router firmware which could be used in remote code execution (RCE) attacks. Given the potential risk, users are advised to apply the fix immediately.
In a security advisory published, Asus said it fixed CVE-2025-593656, a critical authentication-bypass vulnerability impacting the AiCloud remote-access/cloud feature found on certain routers.
The problem stems from its interaction with the Samba file-sharing code which was broken and allowed unauthenticated attackers to run OS commands without valid credentials.
Qilin takes the blame
The bug was given a severity score of 9.2/10 (critical), and affects these firmware versions:
3.0.0.4_386
3.0.0.4_388
3.0.0.6_102
It is difficult to determine an exact list of affected models, but in general - any Asus router that includes and enables AiCloud, while running the affected firmware versions, is potentially vulnerable. This also includes routers that reached end-of-life status.
Users should apply the fix as soon as possible or, alternatively, disable AiCloud, Samba/file-sharing, remote WAN access, port-forwarding, and any other internet-facing services. Updating the admin password and the WiFi password to something stronger is also advised,
While definitely the most dangerous one, this is not the only flaw Asus addressed in this security update. According to the advisory, a total of 9 vulnerabilities were addressed this time, with the majority having a medium, or high-severity rating.
Being the gateway to all data passing through a network, the router is the primary target in many cyberattacks. Asus is one of the world’s most popular hardware manufacturers whose devices are often abused, which is why patching is considered essential. In April this year, the company fixed a separate, critical authentication bypass flaw that also affected routers with AiCloud enabled.
Furthermore, recent reports said that cybercriminals engaged in the WrtHug attacks also abused vulnerabilities found in ASUS routers.
Via BleepingComputer
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.
