ASUS has released new firmware with cumulative security updates that fix vulnerabilities in multiple router models, warning customers to update their devices immediately or restrict WAN access until they are secured.
As the company explains, the newly released firmware contains fixes for nine security flaws, including several rated high-severity or critical.
The most serious of them are tracked as CVE-2022-26376 and CVE-2018-1160. The first is a critical memory corruption weakness in the Asuswrt firmware for ASUS routers that could allow attackers to trigger denial-of-service conditions or achieve code execution.
The other critical fix is for a nearly five-year-old CVE-2018-1160 bug caused by a Netatalk out-of-bounds write weakness that can also be exploited to achieve arbitrary code execution on unpatched devices.
“Please note that if you choose not to install this new firmware version, we strongly recommend that you disable services accessible from the WAN side to prevent possible unwanted intrusions. These services include remote access from the WAN, port forwarding, DDNS, VPN server, DMZ, port trigger,” ASUS warned in a security advisory published today.
“We strongly encourage you to periodically audit both your equipment and your security procedures, as this will ensure that you are better protected.”
The list of affected devices includes the following models: GT6, GT-AXE16000, GT-AX11000 PRO, GT-AX6000, GT-AX11000, GS-AX5400, GS-AX3000, XT9, XT8, XT8 V2, RT-AX86U PRO, RT-AX86U, RT-AX86S, RT-AX82U, RT-AX58U, RT-AX3000, TUF-AX6000 and TUF-AX5400.
Customers are urged to patch immediately
ASUS has advised users of the affected routers to update them to the latest firmware as soon as possible; it is available through the support website, each product's page, or the links provided in today's advisory.
The company also recommends creating separate passwords for the wireless network and router administration pages of at least eight characters (combining uppercase letters, numbers, and symbols) and avoiding using the same password for multiple devices or services.
ASUS’ warning should be taken seriously, given that the company’s products have already been targeted by botnets.
For example, in March 2022, ASUS warned of Cyclops Blink malware attacks targeting multiple ASUS router models to gain persistence and use them for remote access to compromised networks.
A month earlier, in February 2022, a joint security advisory from the US and UK cybersecurity agencies linked the Cyclops Blink botnet to the Russian military threat group Sandworm, before the botnet was disrupted to prevent its use in further attacks.