Vulnerabilities in ASUS Routers Could Allow Code Execution

Security researcher Diego Juarez of SecureAuth discovered several vulnerabilities in drivers of ASUS routers that could allow threat actors to elevate privileges and execute code. The vulnerabilities exist in ASUS Aura Sync versions 1.07.22 and prior. There are currently no patches or workarounds available to mitigate the flaws. The NJCCIC recommends reviewing the SecureAuth article on the vulnerabilities and applying any patches if they become available.

AdvisoryNJCCICRouter