Asus has released a security update addressing a critical authentication bypass flaw in its router firmware that could allow attackers to execute commands remotely without valid credentials.
The vulnerability, tracked as CVE-2025-593656, impacts the AiCloud remote access and cloud functionality available on certain Asus routers. According to Asus, the flaw could be exploited for remote code execution, making it one of the most severe classes of router security issues.
The company has urged users to apply the patch immediately due to the high risk of exploitation.
Table of Contents
How the flaw works
The issue originates from a broken interaction between the AiCloud feature and the Samba file-sharing component used in Asus router firmware.
This flaw allowed unauthenticated attackers to bypass authentication checks and execute operating system commands remotely. In practical terms, a successful attack could give a threat actor full control over the affected router.
The vulnerability received a CVSS severity score of 9.2 out of 10, placing it firmly in the critical category.
Affected firmware versions
Asus confirmed the vulnerability affects routers running the following firmware versions:
3.0.0.4_386
3.0.0.4_388
3.0.0.6_102
The company did not publish a definitive list of affected router models. However, any Asus router that includes AiCloud and is running one of these firmware versions is potentially exposed.
This also includes devices that have reached end-of-life status and may no longer receive regular updates.
What users should do now
Asus strongly recommends installing the latest firmware update as soon as possible. For users who cannot update immediately, the company advises disabling the following features:
- AiCloud
- Samba or file-sharing services
- Remote WAN access
- Port forwarding
- Any other internet-facing services
Users are also advised to change router admin passwords and WiFi passwords to strong, unique credentials.
These steps reduce the attack surface but do not replace the need to apply the official patch.
Not the only issue fixed
The AiCloud vulnerability is the most severe issue addressed in this update, but it is not the only one.
Asus confirmed that a total of nine vulnerabilities were fixed in this firmware release, with most rated as medium or high severity. This highlights a broader security maintenance effort across its router product line.
Routers remain a prime attack target
Routers sit at the center of home and business networks, making them a high-value target for cybercriminals. Once compromised, attackers can intercept traffic, redirect users to malicious sites, or pivot deeper into connected networks.
Asus routers have been repeatedly targeted in the past. In April 2025, the company patched another critical authentication bypass flaw affecting AiCloud-enabled devices. Separate reports have also linked Asus routers to exploitation campaigns such as the WrtHug attacks.
For users running Asus hardware, keeping firmware up to date remains one of the most important steps in maintaining network security.
