Description

Certain models of ASUS routers have an arbitrary firmware upload vulnerability. An unauthenticated remote attacker can exploit this vulnerability to execute arbitrary system commands on the device.

Classification

Assigner: [email protected]

CWE: CWE-434

Links
CPEs
  • asus router -

CVSS

CVSS version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability score: 3.9
Impact score: 5.9

Can you explain the CVE description?

This CVE description refers to CVE-2024-3912, a vulnerability found in certain models of ASUS routers. It allows an unauthenticated remote attacker to upload arbitrary firmware, which can then be used to execute arbitrary system commands on the device. The CVSS score is 9.8, which is critical severity. The vulnerability is classified as CWE-434. The CVE was published on June 14, 2024, and is currently in the EARLY_WARNING status. It was reported by [email protected], and more information can be found at https://www.twcert.org.tw/en/cp-139-7876-396bd-2.html and https://www.twcert.org.tw/tw/cp-132-7875-872d3-1.html. The CVSS vector is AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, meaning the attack is carried out over the network, has low complexity, and requires no privileges and no user interaction, with high impact on confidentiality, integrity and availability. The exploitability score is 3.9 and the impact score is 5.9.

How can this vulnerability be part of an attack tree?

This vulnerability can be part of an attack tree by being the initial entry point for an attacker to gain unauthorized access to the ASUS router. Once the attacker successfully exploits the arbitrary firmware upload vulnerability, they can upload malicious firmware that allows them to execute arbitrary system commands on the device. From there, the attacker can escalate their privileges, move laterally within the network, exfiltrate sensitive data, or launch further attacks on other devices connected to the network. This vulnerability provides a critical foothold for an attacker to carry out a variety of malicious activities.


Generated on: 2024-07-01