Skip to main content

ASUS Router EUVDEUVD-2026-44590

| CVE-2026-13385 CRITICAL
Improper Validation of Integrity Check Value (CWE-354)
2026-07-15 ASUS GHSA-f3gg-32xv-8j76
9.5
CVSS 4.0 · Vendor: ASUS
Share

Severity by source

Vendor (ASUS) PRIMARY
9.5 CRITICAL
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
9.0 CRITICAL

Network vector but the required MITM position makes AC:H; no auth or interaction (PR:N/UI:N); executing attacker code on the router crosses into managed systems, so S:C with full C/I/A impact.

3.1 AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
4.0 AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Primary rating from Vendor (ASUS).

CVSS VectorVendor: ASUS

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

2
Analysis Generated
Jul 15, 2026 - 02:32 vuln.today
CVE Published
Jul 15, 2026 - 02:01 cve.org
CRITICAL 9.5

DescriptionCVE.org

An Improper Validation of Integrity Check Value and Improper Certificate Validation in certain ASUS router models allows a remote man-in-the-middle(MITM) user to make the router download and execute arbitrary command via a spoofed server. Refer to the ' Security Update for ASUS Router Firmware  ' section on the ASUS Security Advisory for more information.

AnalysisAI

Remote command execution in certain ASUS router firmware allows a network man-in-the-middle attacker to force the router to download and run arbitrary commands from a spoofed update/download server. The root cause is a failure to validate both the integrity check value (CWE-354) and the TLS server certificate, so an attacker positioned in the network path can impersonate a legitimate ASUS server. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Gain on-path MITM position
Delivery
Intercept router's server connection
Exploit
Present spoofed server with invalid certificate
Execution
Deliver malicious payload past integrity check
Persist
Router downloads and executes arbitrary command
Impact
Full device compromise and pivot

Vulnerability AssessmentAI

Exploitation Requires the attacker to hold a man-in-the-middle position on the network path between the router and the ASUS server it contacts for downloads/updates (this is the AT:P attack requirement in the CVSS 4.0 vector). … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment Signals are mostly aligned toward high priority but with an important caveat. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker who has gained an on-path position - for example on a shared Wi-Fi network, a compromised upstream hop, or via DNS/route hijacking - intercepts the router's connection to an ASUS server. Because the router does not properly validate the server certificate or the integrity of the returned payload, the attacker presents a spoofed server and delivers a malicious command or firmware image, which the router downloads and executes with full privileges. …
Remediation Patch available per vendor advisory: apply the fixed firmware listed in the 'Security Update for ASUS Router Firmware' section of the ASUS Security Advisory at https://www.asus.com/security-advisory/ (exact fixed firmware version not specified in the provided data - confirm the build for your specific model on that page). … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: inventory all ASUS routers deployed across network infrastructure and cross-reference against the affected firmware versions listed in ASUS security advisories. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

EUVD-2026-44590 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy