Lumension® Endpoint Intelligence Center

Intelligence Center » News Archive » Vulnerability found in firmware update process of ASUS routers

Vulnerability found in firmware update process of ASUS routers

2014/10/29

Securityweek - (International) A researcher identified and reported a vulnerability in ASUS RT-series routers that could have allowed attackers to use a man-in-the-middle (MitM) attack to trick users into downloading older, vulnerable firmware versions or potentially malicious code due to the firmware request being sent in HTTP instead of HTTPS. ASUS closed the vulnerability in its 3.0.0.4.367.1123 update.

Source: http://www.securityweek.com/vulnerability-found-firmware-update-process-asus-routers

Note: This news synopsis is taken from the DHS Daily Open Source Infrastructure Report, a daily [Monday through Friday, except US Federal holidays] summary of open-source published information concerning significant critical infrastructure issues; a 10-day archive of the DOSIR can be found at: http://www.dhs.gov/dhs-daily-open-source-infrastructure-report.


Last Updated: 27 May 2016 10:22:17