A critical vulnerability (CVE-2024-54143) in OpenWrt's Attended SysUpgrade (ASU) server allowed attackers to inject malicious firmware images into the update process. The flaw combined a command injection with a collision on a truncated SHA-256 hash, so that a compromised firmware image could be delivered to users in place of a legitimate update. It was responsibly disclosed by RyotaK, and OpenWrt developers quickly fixed it in updated releases, urging users to update their images to mitigate the risk. Because the attack targets routers running OpenWrt firmware, a wide range of devices is potentially affected; it underscores the importance of securing the firmware update path and the supply-chain risk faced by embedded devices.
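As an added illustration (not OpenWrt's code and not the ASU fix), the block below shows why comparing only a truncated SHA-256 prefix invites a birthday-style collision: the search cost grows with the square root of the truncated keyspace, a collision on a deliberately tiny 16-bit truncation turns up in a few hundred tries, and a full-digest comparison still rejects the colliding input. The page does not state ASU's actual truncation length; the 48-bit figure used in the estimate is an assumption.

```python
import hashlib
import hmac
import math


def birthday_work(truncated_bits: int) -> float:
    """Approximate hash evaluations for a ~50% chance of a collision
    when only `truncated_bits` of the digest are compared (birthday bound)."""
    return math.sqrt(math.pi / 2 * 2 ** truncated_bits)


def truncated_digest(data: bytes, hex_chars: int) -> str:
    """The weak pattern: keep only the first `hex_chars` of the SHA-256 hex digest."""
    return hashlib.sha256(data).hexdigest()[:hex_chars]


def find_truncated_collision(hex_chars: int, max_tries: int = 1 << 24):
    """Birthday search over constructed inputs: return two distinct inputs whose
    truncated digests match. Intended only for tiny truncations, to show the cost."""
    seen = {}
    for i in range(max_tries):
        candidate = b"build-request-%d" % i  # constructed sample input
        key = truncated_digest(candidate, hex_chars)
        if key in seen:
            return seen[key], candidate
        seen[key] = candidate
    return None


def matches_weak(data: bytes, expected_prefix: str, hex_chars: int) -> bool:
    """Prefix comparison: accepts any input that collides on the truncation."""
    return truncated_digest(data, hex_chars) == expected_prefix


def matches_strong(data: bytes, expected_hex: str) -> bool:
    """Compare the full 256-bit digest, in constant time."""
    return hmac.compare_digest(hashlib.sha256(data).hexdigest(), expected_hex)


if __name__ == "__main__":
    print("48-bit truncation, ~50% collision after about %.0f hashes" % birthday_work(48))
    a, b = find_truncated_collision(4)  # 4 hex chars = 16 bits
    print("weak check accepts collider:", matches_weak(b, truncated_digest(a, 4), 4))
    print("full-digest check accepts collider:", matches_strong(b, hashlib.sha256(a).hexdigest()))
```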