Asus releases security updates for its routers after major vulnerabilities surface - here's how to stay safe

News
By published

New fixes cover MyAsus, Armoury Crate, DriverHub, and certain models

A stylized depiction of a padlocked WiFi symbol sitting in the centre of an interlocking vault.
(Image credit: Shutterstock)
  • Asus updates MyAsus app to fix two new security issues affecting PCs
  • Company confirms past issues in routers and software are now fully resolved
  • Users urged to update software, use strong passwords, and disable unused services

Asus has released new security patches for its MyAsus software, following fresh reports from security researchers highlighting flaws across multiple services.

The update applies to all compatible desktops, laptops, NUCs, and All-in-One PCs, addressing two vulnerabilities tracked as CVE-2025-4569 and CVE-2025-4570.

The new versions are 4.0.36.0 for x64 systems and 4.2.35.0 for Arm-based computers - and users can update through the MyAsus app or via the Microsoft Store.

Patch now

The CVE-2025-4569 flaw received a CVSS v4.0 score of 7.7, marking it as high severity. CVE-2025-4570 was rated at 6.9, a medium-level risk.

Both are resolved in the update. Asus also confirmed that is has addressed related issues in Armoury Crate, DriverHub, and specific router models, although details were limited. The company says all reported vulnerabilities have now been resolved.

This patch follows a string of vulnerability disclosures this year.

Back in April 2025, the company patched a critical vulnerability in routers using AiCloud, a service that lets users access and share files over the internet.

Tracked as CVE-2025-2492, it had a severity score of 9.2 and could allow remote attackers to execute functions without permission.

Asus urged users to disable AiCloud on unsupported models and update the firmware immediately.

Then in June 2025, Asus also patched CVE-2024-3080, a critical authentication bypass flaw affecting seven popular router models, including ZenWiFi XT8 and RT-AX88U.

That update also covered a buffer overflow issue and a system command execution bug, both tied to admin privileges.

In a related incident, a high-severity flaw tracked as CVE-2023-39780 was exploited by attackers to build a botnet using compromised routers.

That vulnerability allowed persistent access via non-volatile memory.

Asus responded by urging users to reset affected devices and use stronger credentials.

It's important to keep your router secure - regardless of the make - by checking firmware regularly, updating software, and limiting remote access features whenever possible.

You might also like

Wayne Williams
Wayne Williams
Editor

Wayne Williams is a freelancer writing news for TechRadar Pro. He has been writing about computers, technology, and the web for 30 years. In that time he wrote for most of the UK’s PC magazines, and launched, edited and published a number of them too.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.