Issue Description
SuperPods are not connecting to the Plume cloud and will show as offline when plugged into an ASUS router that has AiProtection enabled.
ASUS AiProtection supported router models: https://www.asus.com/us/AiProtection/
Cause of issue
The ASUS AiProtection Dual-Way IPS Protection incorrectly classifies SuperPod traffic as part of a spoofing vulnerability and blocks the device from connecting to the Plume cloud. The ASUS Security Interface will show entries similar to the following:
2020-02-01 19:36:12,M,Device Infected,192.168.50.140,SERIAL_NUMBER_Pod_900200700,FILE Microsoft Windows CryptoAPI Spoofing Vulnerability -2 (CVE-2020-0601)
2020-02-01 19:36:08,M,Device Infected,192.168.50.54,SERIAL_NUMBER_Pod_900203800,FILE Microsoft Windows CryptoAPI Spoofing Vulnerability -2 (CVE-2020-0601)
2020-02-01 19:36:03,M,Device Infected,192.168.50.141,SERIAL_NUMBER_Pod_900203800,FILE Microsoft Windows CryptoAPI Spoofing Vulnerability -2 (CVE-2020-0601)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0601
Solution
AiProtection stays in sync with Trend Micro's cloud database to get the latest signatures for the Intrusion Prevention System, including the Malicious Site Blocking, Infected Device Detection and Blocking, and Content Filter features.
To fix this issue, Trend Micro released Signature Version 2.162 for ASUS routers. To update the signature version, go to ASUS Web Interface > Administration > Firmware Update and check for Signature Version 2.162 or above.
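The following is an added example, not part of the original article and not ASUS or Plume tooling: it parses security log lines in the format shown above, lists the pods blocked under the CVE-2020-0601 rule, and checks whether a signature version includes the fix. The column names, the "_Pod_" name match, and the numeric version comparison are assumptions.

```python
import csv
import ipaddress
from collections import defaultdict

# First three lines are the log entries shown in the article; the last is constructed.
SAMPLE_LOG = """\
2020-02-01 19:36:12,M,Device Infected,192.168.50.140,SERIAL_NUMBER_Pod_900200700,FILE Microsoft Windows CryptoAPI Spoofing Vulnerability -2 (CVE-2020-0601)
2020-02-01 19:36:08,M,Device Infected,192.168.50.54,SERIAL_NUMBER_Pod_900203800,FILE Microsoft Windows CryptoAPI Spoofing Vulnerability -2 (CVE-2020-0601)
2020-02-01 19:36:03,M,Device Infected,192.168.50.141,SERIAL_NUMBER_Pod_900203800,FILE Microsoft Windows CryptoAPI Spoofing Vulnerability -2 (CVE-2020-0601)
2020-02-01 19:41:30,M,Device Infected,192.168.50.77,EXAMPLE-LAPTOP,FILE Constructed Example Rule
"""

# Column names are assumptions; the article shows the values but does not name the fields.
FIELDS = ("timestamp", "severity", "event", "ip", "device", "rule")
FALSE_POSITIVE_CVE = "CVE-2020-0601"
FIXED_SIGNATURE = (2, 162)  # "Signature Version 2.162 or above"

def parse_log(text):
    """Split each comma-separated log line into a dict keyed by FIELDS."""
    rows = []
    for rec in csv.reader(text.splitlines()):
        if len(rec) < len(FIELDS):
            continue  # skip blank or truncated lines
        # A rule description could itself contain commas: rejoin the tail.
        rec = rec[:5] + [",".join(rec[5:])]
        rows.append(dict(zip(FIELDS, (f.strip() for f in rec))))
    return rows

def pods_hit_by_false_positive(rows):
    """Map each pod name to the IPs flagged under the CVE-2020-0601 rule."""
    hits = defaultdict(set)
    for r in rows:
        # Assumption: pod device names contain "_Pod_", as in the sample log.
        if FALSE_POSITIVE_CVE in r["rule"] and "_Pod_" in r["device"]:
            hits[r["device"]].add(r["ip"])
    return {d: sorted(ips, key=ipaddress.ip_address) for d, ips in hits.items()}

def signature_has_fix(version):
    """Assumption: versions compare numerically component by component."""
    return tuple(int(p) for p in version.strip().split(".")) >= FIXED_SIGNATURE

if __name__ == "__main__":
    for pod, ips in pods_hit_by_false_positive(parse_log(SAMPLE_LOG)).items():
        print(pod, ips)
    print("fix present:", signature_has_fix("2.162"))
```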