ASUS Discloses AiCloud Vulnerability And Says To Patch Your ASUS Routers NOW
People have often asked me why I am such an opponent of routers having the functionality of remote access. Well, this is why:
So basically, ASUS had an issue where if you had AICloud enabled on your ASUS router, someone could pwn you. But ASUS has released new firmware for a lot of their routers and fixed this. So all is fine now. Right?
Well, no it’s not. The thing is that when you open anything up to remote access via the Internet, you can get pwned. And a router is about the worst thing that you can open up remote access to. The reality is that nobody needs to remote access to their router. And I truly mean nobody. I for one have never utilized the on board remote access features of a router. And I have no plans on ever doing so as I would have to really trust the company that makes the gear that I am using. Which to be clear I do not have that level of trust in any company.
Next is the fact that while ASUS has fixed this, you know that threat actors will be figuring out if they can exploit this somehow. Whether it is via going after people who haven’t updating their firmware, or via finding an exploit that ASUS knows nothing about. Or both.
Finally, I have to give every consumer router company a free piece of advice. There zero need to include this functionality on your routers. It adds zero value and makes your products less secure. You would do yourself and the planet a favor by removing this functionality from your products.
In the meantime, ASUS router users should get about updating their firmware whether they use AICloud or not as there’s no harm in being as secure as you can be.
This entry was posted on April 22, 2025 at 9:45 am and is filed under Commentary with tags Asus. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
ASUS Discloses AiCloud Vulnerability And Says To Patch Your ASUS Routers NOW
People have often asked me why I am such an opponent of routers having the functionality of remote access. Well, this is why:
So basically, ASUS had an issue where if you had AICloud enabled on your ASUS router, someone could pwn you. But ASUS has released new firmware for a lot of their routers and fixed this. So all is fine now. Right?
Well, no it’s not. The thing is that when you open anything up to remote access via the Internet, you can get pwned. And a router is about the worst thing that you can open up remote access to. The reality is that nobody needs to remote access to their router. And I truly mean nobody. I for one have never utilized the on board remote access features of a router. And I have no plans on ever doing so as I would have to really trust the company that makes the gear that I am using. Which to be clear I do not have that level of trust in any company.
Next is the fact that while ASUS has fixed this, you know that threat actors will be figuring out if they can exploit this somehow. Whether it is via going after people who haven’t updating their firmware, or via finding an exploit that ASUS knows nothing about. Or both.
Finally, I have to give every consumer router company a free piece of advice. There zero need to include this functionality on your routers. It adds zero value and makes your products less secure. You would do yourself and the planet a favor by removing this functionality from your products.
In the meantime, ASUS router users should get about updating their firmware whether they use AICloud or not as there’s no harm in being as secure as you can be.
Share this:
Like this:
Related
This entry was posted on April 22, 2025 at 9:45 am and is filed under Commentary with tags Asus. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.