Asus urges urgent firmware update for routers due to discovered vulnerability
01.12.25
Asus has announced the removal of a critical vulnerability in the MyASUS application, which is installed on all computers of the brand and could affect millions of users worldwide. The error allowed to obtain elevated privileges in the system and posed a threat to both x64 and ARM-architecture devices.
Danger in MyASUS
The MyASUS program is usually installed on Asus devices by default and provides access to updates, optimization tools and various service functions. Experts have found that an attacker with limited rights could take advantage of a flaw in the Asus System Control Interface recovery mechanism to gain a higher level of access. The vulnerability description states that the exploit could be launched when an unprivileged user copied files to protected system directories without proper verification, which could lead to the execution of arbitrary code from SYSTEM.
The bug has received the identifier CVE-2025-59373 and a severity rating of 8.5 out of 10. To fix it, Asus has released the MyASUS update, and users are invited to install the patch via Windows Update or download it from the official Asus Support page. The company specifies that the update applies to all Asus personal computers, including desktop systems, laptops, NUC devices and all-in-ones.
Details about the vulnerability in Asus routers
Asus adds that the problem could have occurred due to a side effect of Samba operation, which in some cases led to unauthorized operations. Details about this are provided in the Security Update for ASUS Router Firmware section of the official security bulletin.
The vulnerability affects all versions of ASUS System Control Interface up to 3.1.48.0 for x64 and 4.2.48.0 for ARM. You can check the installed version in the MyASUS program in the Settings → About section. In parallel, the company has released a security update for Asus routers. The patch fixes a number of bugs, including a more serious one – bypassing the authentication mechanism in AiCloud, which allowed performing certain functions without permissions.
Asus also warned that outdated router models removed with will not receive the new firmware. For such devices, the company recommends disabling all services available from the Internet, including AiCloud, remote access from WAN, port forwarding, DDNS, VPN server, DMZ, Port Triggering and FTP. Recall that only two months ago, Asus completed its investigation into the problem with periodic freezes of ROG series laptops and fixed the error after the release of the updated BIOS version.
Don't miss interesting news
Subscribe to our channels and read announcements of high-tech news, tes
Oppo A6 Pro smartphone review: ambitious
Creating new mid-range smartphones is no easy task. Manufacturers have to balance performance, camera capabilities, displays, and the overall cost impact of each component. How the new Oppo A6 Pro balances these factors is discussed in our review.
Sony WF-1000XM6 Bluetooth headphones review: full power
The new Sony WF-1000XM6 headphones have slightly changed their shape compared to their predecessor, received a new processor, an improved noise cancellation system, more microphones, and generally made a noticeable step forward technically.
League of Legends Classic: Complete review of the 2013 return of the legend
Riot Games has announced the arrival of a nostalgic League of Legends Classic mode that recreates the atmosphere of the third season.
Huawei FreeClip 2S: the evolution of open headphones with an innovative case
Huawei FreeClip 2S is a new version of stylish open-type headphones with an enlarged case and improved ergonomics.


