Asus urges urgent firmware update for routers due to discovered vulnerability
01.12.25
Asus has announced the removal of a critical vulnerability in the MyASUS application, which is installed on all computers of the brand and could affect millions of users worldwide. The error allowed to obtain elevated privileges in the system and posed a threat to both x64 and ARM-architecture devices.
Danger in MyASUS
The MyASUS program is usually installed on Asus devices by default and provides access to updates, optimization tools and various service functions. Experts have found that an attacker with limited rights could take advantage of a flaw in the Asus System Control Interface recovery mechanism to gain a higher level of access. The vulnerability description states that the exploit could be launched when an unprivileged user copied files to protected system directories without proper verification, which could lead to the execution of arbitrary code from SYSTEM.
The bug has received the identifier CVE-2025-59373 and a severity rating of 8.5 out of 10. To fix it, Asus has released the MyASUS update, and users are invited to install the patch via Windows Update or download it from the official Asus Support page. The company specifies that the update applies to all Asus personal computers, including desktop systems, laptops, NUC devices and all-in-ones.
Details about the vulnerability in Asus routers
Asus adds that the problem could have occurred due to a side effect of Samba operation, which in some cases led to unauthorized operations. Details about this are provided in the Security Update for ASUS Router Firmware section of the official security bulletin.
The vulnerability affects all versions of ASUS System Control Interface up to 3.1.48.0 for x64 and 4.2.48.0 for ARM. You can check the installed version in the MyASUS program in the Settings → About section. In parallel, the company has released a security update for Asus routers. The patch fixes a number of bugs, including a more serious one – bypassing the authentication mechanism in AiCloud, which allowed performing certain functions without permissions.
Asus also warned that outdated router models removed with will not receive the new firmware. For such devices, the company recommends disabling all services available from the Internet, including AiCloud, remote access from WAN, port forwarding, DDNS, VPN server, DMZ, Port Triggering and FTP. Recall that only two months ago, Asus completed its investigation into the problem with periodic freezes of ROG series laptops and fixed the error after the release of the updated BIOS version.
Don't miss interesting news
Subscribe to our channels and read announcements of high-tech news, tes
Oppo A6 Pro smartphone review: ambitious
0 
Creating new mid-range smartphones is no easy task. Manufacturers have to balance performance, camera capabilities, displays, and the overall cost impact of each component. How the new Oppo A6 Pro balances these factors is discussed in our review.
Best Bluetooth speakers 2025. Top models in different segments
0 
A speaker has long ceased to be just an accessory for a smartphone. It has become a tool for creating an atmosphere – from a small meeting to a large-scale party.
Asus urges urgent firmware update for routers due to discovered vulnerability Asus router Security
Asus also warned that older router models that were removed using the tool will not receive the new firmware. For such devices, the company recommends disabling all services
Cyberpunk 2077 has become the main source of profit for CD Projekt Red. Not The Witcher business Cyberpunk games
Cyberpunk 2077 has officially surpassed the 35 million copies sold mark in the 5 years since its release. In terms of sales dynamics, the RPG has outpaced The Witcher 3