Asus dumpster fire (Image source: GNCA on YouTube)
Gamers Nexus reports that ASUS faces multiple security issues in 2025, with active exploits targeting its routers and flaws affecting utilities like DriverHub, MyASUS, and Armory Crate. The coverage warns that persistent backdoors and low-level code vulnerabilities make firmware updates and the removal of unnecessary ASUS software essential for user safety.
Gamers Nexus identifies four primary security threats: ASUS routers, DriverHub, MyASUS/RMA, and Armory Crate. Among them, the “AyySSHush” campaign (a.k.a. Ace Hush) is actively exploiting ASUS routers. Analysis by GreyNoise shows attackers are using brute-force, authentication bypasses, CVE‑2023‑39780 command injection, and reliance on built‑in ASUS AiProtection settings to install SSH backdoors in non‑volatile memory—surviving both reboots and firmware updates, prompting urgent calls to update firmware and perform factory resets.
Security researcher Paul “Mr. Bruh,” cited by Gamers Nexus, discovered a zero-click remote code execution vulnerability in ASUS DriverHub and hardcoded administrator credentials within MyASUS and the RMA portal—exposing user data including names, birthdates, addresses, and phone numbers. Though ASUS deployed patches in May 2025, Gamers Nexus criticizes the response as token credit acknowledgements with no meaningful bug bounty incentives .
Cisco Talos researcher Marson Icewall Noga also documented two kernel-level exploits in Armory Crate’s ASIO3 driver, enabling physical memory mapping and low-level hardware access. Even with security updates, Gamers Nexus warns that Armory Crate continues to reinstall itself through BIOS settings and Windows firmware updates, effectively acting like elevated-risk bloatware. The recommendation remains: uninstall non-essential ASUS utilities, disable BIOS installation toggles, and keep firmware current.
According to Gamers Nexus, ASUS’s continued rollout of motherboard-level utilities coupled with ignored software and router exploits creates an unnecessary and persistent attack surface. Users should proactively uninstall risky tools, disable bloatware mechanisms, and update router and system firmware immediately—especially as some exploits remain active despite official patches.
Sebastian Jankowski – Proofreader and tech writer – 24 articles published on Notebookcheck since 2025
A heavy PC user since 1989, I’ve experienced every stage—8-bit, 16-bit, and 32-bit—through the early console years. The Oculus revolution pulled me into VR, leading me to open my own VR arcade. My classic education was complemented by a daily deep dive into PC hardware and software news. With over 20 years of experience in the consumer electronics industry—spanning major financial and administrative firms—I now primarily work as a freelance writer and IT consultant. Based in the UK, I live with my family.