Security researchers have identified a high-severity wireless vulnerability (CVSS score: 8.4) affecting certain ASUS routers that rely on Broadcom Wi-Fi chipsets.
The issue, discovered by the Black Duck research team, emerged during protocol-level testing of IEEE 802.11 implementations and demonstrates how flaws below the encryption layer can still undermine network availability.
The vulnerability details have not been disclosed due to the risks it poses to systems and users. However, testing showed that a single malformed wireless frame, sent by an attacker within radio range, could cause a router’s 5 GHz access point to become unresponsive.
The attack causes all connected clients to be disconnected and unable to reconnect until the device is manually restarted. Wired connections and 2.4 GHz Wi-Fi remain unaffected, but the attack can be repeated immediately after recovery.
According to Ben Ronallo, Principal Cybersecurity Engineer at Black Duck, this type of flaw is particularly challenging to uncover.
“Implementation-level flaws in protocols, such as 802.11, are often more difficult to detect than cryptographic weaknesses,” Ronallo told Expert Insights. He noted that effective testing requires hardware dependencies, including a compatible access point and antenna, and that closed-source firmware “makes introspection much more difficult.”
Why Availability Risks Matter to the Business
The vulnerability was confirmed on the ASUS RT-BE86U router and traced back to Broadcom chipset software. While patches are now available, remediation timelines for hardware and firmware issues are typically longer.
Ronallo emphasized that “in the software world, the commonly cited deadline is 90 days but for hardware/firmware it’s closer to 180+ days.”
Other experts warned that the impact of such attacks could extend beyond temporary outages. James Maude, Field CTO at BeyondTrust, told Expert Insights the findings are “very reminiscent of early days of Wi-Fi adoption where de-auth and denial-of-service [DoS] attacks against wireless networks were very common.”
He cautioned that disrupting a legitimate access point could enable follow-on attacks, including “evil twin” scenarios and phishing via captive portals, even if encrypted traffic limits interception.
From a leadership perspective, Randolph Barr, Chief Information Security Officer (CISO) at Cequence Security, said the real danger lies in prolonged instability.
“The main risk isn’t simply the outage itself; it’s what long-term instability allows and how deeply it affects how the organization runs,” Barr told Expert Insights.
He advised teams to timely apply firmware updates, treat unexplained wireless failures as potential security events, and plan user behavior during outages to avoid risky workarounds.
