In response to recent media reports regarding attempts to exploit vulnerabilities in ASUS routers, ASUS would like to communicate that these vulnerabilities can be fixed. While some have noted that a firmware update alone may not completely address the issue, ASUS would like to emphasize the following recommendations — including updating to the latest firmware, performing a factory reset, and setting strong administrator passwords — to effectively restore and maintain device security. The steps outlined below are not only essential for mitigating potential risks but also critical for reinforcing long-term protection and responsible device management in today’s evolving cybersecurity environment.

Firmware updates and strong passwords can effectively prevent future risks

These media reports involve security vulnerability (CVE-2023-39780), which was disclosed in 2023. Devices that have been updated with the latest firmware and secured with a strong administrator password can prevent future exploitation of this vulnerability and block similar attack methods. Users are recommended to use a password at least 10 characters long, and include uppercase and lowercase letters, numbers, and symbols. In addition, ASUS recommends keeping device firmware up to date to ensure ongoing protection.

Devices that may have been affected can be fully restored

If the device was previously using outdated firmware along with a weak password, and users suspect it may have been compromised, please follow the steps below to secure the device:
1. Update the firmware to the latest version
2. Perform a factory reset to clear any unauthorized or abnormal settings
3. Set a strong administrator password as described above These steps will ensure that the device is fully secured and no residual risk remain.

End-of-Life (EOL) devices can still be safely used

For EOL devices that no longer receive firmware updates, the following best practices are recommended:
1. Install the latest available firmware version for the device
2. Use a strong administrator password
3. Disable all remote access features such as SSH, DDNS, AiCloud, or Web Access from WAN Completing the above steps will effectively prevent the exploitation methods described in recent reports.

Optional self-checks for suspicious activity

Users may perform the following checks to determine if their device shows signs of unauthorized access:
1. Confirm that the SSH (especially TCP port 53282) is not exposed to the internet
2. Check the System Log for repeated login failures or unfamiliar SSH keys
3. If anything appears suspicious, follow the above recommendations to thoroughly remove any potential threats. ASUS remains fully committed to ensuring the security of its users. Firmware update notifications and security recommendations have been issued for supported models. For further assistance, please contact the ASUS Customer Service team. Thank you for your continued trust and support.