ASUS has released a fix for a critical-severity vulnerability affecting routers with AiCloud enabled which could allow threat actors to execute functions on the exposed devices remotely and without authorization.
It is tracked as CVE-2025-2492, and was given a severity score of 9.2/10 (critical). It can be exploited via a custom-tailored request.
“This vulnerability can be triggered by a crafted request, potentially leading to unauthorized execution of functions,” the NVD page reads.
Keeper is a cybersecurity platform primarily known for its password manager and digital vault, designed to help individuals, families, and businesses securely store and manage passwords, sensitive files, and other private data.
It uses zero-knowledge encryption and offers features like two-factor authentication, dark web monitoring, secure file storage, and breach alerts to protect against cyber threats.
Preferred partner (What does this mean?)View Deal
Safeguarding the device
AiCloud is a feature integrated into many ASUS routers that transforms the home network into a personal cloud server.
Users can then access, stream, sync, and share files stored on USB drives connected to the router from anywhere with an internet connection.
The flaw was found in firmware versions released after February 2025, meaning: 3.0.0.4_382, 3.0.0.4_386, 3.0.0.4_388, and 3.0.0.6_102.
According to CyberInsider, such features “often become attractive targets” for threat actors, since they are exposing sensitive data to the internet.
Therefore, it would be wise not to delay deploying the patch. Depending on the model, there are different firmware versions that can be downloaded directly from the ASUS website.
The flaw also affects a few devices that reached end-of-life, which should now have AiCloud entirely disabled. Internet access for WAN should also be disabled, as well as port forwarding, DDNS, VPN server, DMZ, port triggering, and FTP services.
The company did not say if the flaw is being abused in the wild or not, but at press time, it was not added to CISA’s KEV, which is usually a good litmus paper for actively exploited flaws.
According to BleepingComputer, the critical CVSS rating “implies the exploitation could have a significant impact.” ASUS also told its users to use unique, strong passwords to secure their wireless networks and router administration pages.
That means making passwords at least 10 characters long, and making them a mix of lowercase and uppercase letters, numbers, and special symbols.
You might also like
- Cisco warns a decade-old vulnerability is back and targeting users
- Take a look at our guide to the best authenticator app
- We’ve rounded up the best password managers