Asus
-
UEFI firmware flaw leaves early-boot DMA protections uninitialized on multiple motherboards
A firmware flaw affecting ASRock, ASUS, GIGABYTE and MSI motherboards can leave IOMMU uninitialized during early boot, allowing DMA-capable PCIe devices with physical access to read or modify system memory; four CVEs have been assigned and vendors have released firmware updates.
-
CISA adds critical ASUS Live Update flaw to known exploited vulnerabilities catalog
CISA added a critical ASUS Live Update vulnerability, CVE-2025-59374 (CVSS 9.3), to its Known Exploited Vulnerabilities catalog citing active exploitation; the flaw stems from a past supply chain compromise and vendors say affected builds were limited to devices meeting specific targeting conditions.
-
ASUS issues firmware updates to fix critical AiCloud authentication bypass
ASUS has issued firmware updates to fix nine vulnerabilities, including a critical authentication bypass (CVE-2025-59366) in routers with AiCloud enabled, and advised users to update firmware or apply mitigations for end-of-life devices.
-
ASUS issues firmware to fix critical authentication bypass in DSL routers
ASUS released firmware version 1.1.2.3_1010 to fix a critical authentication bypass (CVE-2025-59367) impacting DSL-AC51, DSL-N16 and DSL-AC750 routers and urged users to install the update or follow mitigation steps to block internet-accessible services.
-
Critical Vulnerability Discovered in ASUS Armoury Crate Software
A serious vulnerability in ASUS Armoury Crate software could allow attackers to achieve SYSTEM-level privileges on Windows machines, according to a report detailing the flaw. Users are urged to update their applications to mitigate potential risks.
-
Security Flaw Leaves Thousands of Asus Routers Vulnerable to Backdoor Attacks
Thousands of Asus routers are vulnerable to backdoor attacks due to exploited security flaws, as revealed by cybersecurity experts. Users are urged to check their settings and apply necessary updates.
