FCC Covered List expansion bans foreign-made consumer routers in U.S. market

First reported

24.03.2026 22:41

Last updated

26.03.2026 21:48

4 unique sources, 4 articles

Summary

Hide ▲

The U.S. Federal Communications Commission (FCC) has expanded its Covered List to prohibit the sale of new consumer-grade routers manufactured outside the United States, citing unacceptable national security risks. The ban targets 'consumer-grade' routers as defined in NIST Internal Report 8425A, while permitting continued operation of existing routers and maintaining imports for previously authorized foreign-manufactured models. The decision follows a March 20 National Security Determination identifying severe supply-chain vulnerabilities in foreign-made routers. Exemptions are strictly limited to Department of Defense or Department of Homeland Security drone and surveillance systems, with no blanket exclusions for foreign-made consumer routers. Existing hardware and U.S.-manufactured devices like Starlink routers remain unaffected. Critics warn the policy may leave consumers and businesses reliant on older, less secure routers as replacement markets shrink and compliance costs rise, potentially increasing long-term exposure to operational vulnerabilities rather than reducing them.

Timeline

24.03.2026 22:41 4 articles · 2d ago

FCC prohibits new foreign-made consumer routers from U.S. market following national security assessment
The FCC updated its Covered List to include all consumer routers manufactured abroad, barring their sale as new products in the U.S. The move follows a March 20 National Security Determination identifying supply-chain risks from foreign-made routers that could disrupt critical infrastructure. New certification rules require manufacturers to disclose full supply-chain details and commit to onshoring critical component production. Approval pathways are limited to specific government drone systems, while existing consumer routers remain unaffected. This article adds expert analysis warning that the policy does not force immediate replacement of existing foreign-made routers, leaving consumers and businesses to retain and use currently deployed devices indefinitely unless they choose to upgrade. Critics argue this may increase long-term cybersecurity risk by forcing reliance on outdated, unsupported foreign-made routers as replacement options become constrained or more expensive due to reduced competition and compliance costs. Security experts highlight that router compromises often stem from operational issues such as default credentials, unpatched vulnerabilities, and exposed management interfaces—not solely from manufacturing origin. Only one U.S.-manufactured router model, Starlink Wi-Fi routers, was identified as compliant with the new FCC restrictions.
Show sources

FCC bans new routers made outside the USA over security risks — www.bleepingcomputer.com — 24.03.2026 22:41

FCC Bans New Foreign-Made Routers Over Supply Chain and Cyber Risk Concerns — thehackernews.com — 25.03.2026 09:11

US: FCC Bans Foreign-Made Routers Over National Security Concerns — www.infosecurity-magazine.com — 25.03.2026 14:30

Is the FCC's Router Ban the Wrong Fix? — www.darkreading.com — 26.03.2026 21:48
Open in new tab

Information Snippets

The FCC Covered List now includes all consumer routers manufactured outside the United States, banning their sale as new products in the U.S. market.
First reported: 24.03.2026 22:41

4 sources, 4 articles
Show sources
- FCC bans new routers made outside the USA over security risks — www.bleepingcomputer.com — 24.03.2026 22:41
- FCC Bans New Foreign-Made Routers Over Supply Chain and Cyber Risk Concerns — thehackernews.com — 25.03.2026 09:11
- US: FCC Bans Foreign-Made Routers Over National Security Concerns — www.infosecurity-magazine.com — 25.03.2026 14:30
- Is the FCC's Router Ban the Wrong Fix? — www.darkreading.com — 26.03.2026 21:48
The decision is based on a March 20 National Security Determination by an interagency body assessing foreign-made routers as posing unacceptable supply-chain risks to U.S. national security, economy, and critical infrastructure.
First reported: 24.03.2026 22:41

4 sources, 4 articles
Show sources
- FCC bans new routers made outside the USA over security risks — www.bleepingcomputer.com — 24.03.2026 22:41
- FCC Bans New Foreign-Made Routers Over Supply Chain and Cyber Risk Concerns — thehackernews.com — 25.03.2026 09:11
- US: FCC Bans Foreign-Made Routers Over National Security Concerns — www.infosecurity-magazine.com — 25.03.2026 14:30
- Is the FCC's Router Ban the Wrong Fix? — www.darkreading.com — 26.03.2026 21:48
Regulatory approval now requires foreign manufacturers to disclose corporate ownership, supply-chain details, IP ownership, manufacturing locations, software/firmware origins, and a plan to onshore critical component manufacturing.
First reported: 24.03.2026 22:41

1 source, 1 article
Show sources
- FCC bans new routers made outside the USA over security risks — www.bleepingcomputer.com — 24.03.2026 22:41
Exemptions apply only to Department of War or Department of Homeland Security drone systems, with no blanket exclusion for foreign-made consumer routers seeking U.S. market entry.
First reported: 24.03.2026 22:41

1 source, 1 article
Show sources
- FCC bans new routers made outside the USA over security risks — www.bleepingcomputer.com — 24.03.2026 22:41
Existing U.S. consumer routers remain unaffected; new model availability may be reduced due to added compliance costs, delays, or manufacturers exiting the market.
First reported: 24.03.2026 22:41

2 sources, 2 articles
Show sources
- FCC bans new routers made outside the USA over security risks — www.bleepingcomputer.com — 24.03.2026 22:41
- FCC Bans New Foreign-Made Routers Over Supply Chain and Cyber Risk Concerns — thehackernews.com — 25.03.2026 09:11
The FCC allows software and firmware updates for Unmanned Aircraft Systems (UAS) and critical components until at least January 1, 2027, despite the new restrictions.
First reported: 24.03.2026 22:41

2 sources, 2 articles
Show sources
- FCC bans new routers made outside the USA over security risks — www.bleepingcomputer.com — 24.03.2026 22:41
- FCC Bans New Foreign-Made Routers Over Supply Chain and Cyber Risk Concerns — thehackernews.com — 25.03.2026 09:11
The FCC explicitly stated that foreign-produced routers introduce supply-chain vulnerabilities capable of disrupting the U.S. economy, critical infrastructure, and national defense, as well as severe cybersecurity risks that could immediately and severely disrupt U.S. critical infrastructure and harm U.S. persons.
First reported: 25.03.2026 09:11

3 sources, 3 articles
Show sources
- FCC Bans New Foreign-Made Routers Over Supply Chain and Cyber Risk Concerns — thehackernews.com — 25.03.2026 09:11
- US: FCC Bans Foreign-Made Routers Over National Security Concerns — www.infosecurity-magazine.com — 25.03.2026 14:30
- Is the FCC's Router Ban the Wrong Fix? — www.darkreading.com — 26.03.2026 21:48
State and non-state sponsored threat actors have exploited security shortcomings in small and home office routers to break into American households, disrupt networks, facilitate cyber espionage, and enable intellectual property theft, with foreign-made routers being conscripted into botnets for password spraying, unauthorized network access, and espionage purposes.
First reported: 25.03.2026 09:11

2 sources, 2 articles
Show sources
- FCC Bans New Foreign-Made Routers Over Supply Chain and Cyber Risk Concerns — thehackernews.com — 25.03.2026 09:11
- US: FCC Bans Foreign-Made Routers Over National Security Concerns — www.infosecurity-magazine.com — 25.03.2026 14:30
China-nexus adversaries including Volt Typhoon, Flax Typhoon, and Salt Typhoon have leveraged botnets comprising foreign-made routers to conduct cyber attacks targeting U.S. communications, energy, transportation, and water infrastructure.
First reported: 25.03.2026 09:11

2 sources, 2 articles
Show sources
- FCC Bans New Foreign-Made Routers Over Supply Chain and Cyber Risk Concerns — thehackernews.com — 25.03.2026 09:11
- US: FCC Bans Foreign-Made Routers Over National Security Concerns — www.infosecurity-magazine.com — 25.03.2026 14:30
In Salt Typhoon attacks, compromised foreign-produced routers were used to gain long-term access to networks and pivot to other systems depending on the target.
First reported: 25.03.2026 09:11

3 sources, 3 articles
Show sources
- FCC Bans New Foreign-Made Routers Over Supply Chain and Cyber Risk Concerns — thehackernews.com — 25.03.2026 09:11
- US: FCC Bans Foreign-Made Routers Over National Security Concerns — www.infosecurity-magazine.com — 25.03.2026 14:30
- Is the FCC's Router Ban the Wrong Fix? — www.darkreading.com — 26.03.2026 21:48
A botnet dubbed CovertNetwork-1658 (aka Quad7) has been used to orchestrate highly evasive password spray attacks, attributed to a Chinese threat actor tracked as Storm-0940.
First reported: 25.03.2026 09:11

1 source, 1 article
Show sources
- FCC Bans New Foreign-Made Routers Over Supply Chain and Cyber Risk Concerns — thehackernews.com — 25.03.2026 09:11
The Covered List update does not affect existing routers already purchased by consumers, nor does it impact retailers selling previously approved router models.
First reported: 25.03.2026 09:11

3 sources, 3 articles
Show sources
- FCC Bans New Foreign-Made Routers Over Supply Chain and Cyber Risk Concerns — thehackernews.com — 25.03.2026 09:11
- US: FCC Bans Foreign-Made Routers Over National Security Concerns — www.infosecurity-magazine.com — 25.03.2026 14:30
- Is the FCC's Router Ban the Wrong Fix? — www.darkreading.com — 26.03.2026 21:48
Starlink Wi-Fi routers are exempt from the policy as they are manufactured in Texas, USA.
First reported: 25.03.2026 09:11

2 sources, 2 articles
Show sources
- FCC Bans New Foreign-Made Routers Over Supply Chain and Cyber Risk Concerns — thehackernews.com — 25.03.2026 09:11
- Is the FCC's Router Ban the Wrong Fix? — www.darkreading.com — 26.03.2026 21:48
The FCC allows conditional approval for consumer-grade routers if the Department of War or Department of Homeland Security determines they pose no risks, with current approved devices limited to specific drone systems and software-defined radios from SiFly Aviation, Mobilicom, ScoutDI, and Verge Aero.
First reported: 25.03.2026 09:11

1 source, 1 article
Show sources
- FCC Bans New Foreign-Made Routers Over Supply Chain and Cyber Risk Concerns — thehackernews.com — 25.03.2026 09:11
The FCC’s ban specifically applies to 'consumer-grade' routers as defined in NIST Internal Report 8425A, targeting residential-use devices installable by end users.
First reported: 25.03.2026 14:30

2 sources, 2 articles
Show sources
- US: FCC Bans Foreign-Made Routers Over National Security Concerns — www.infosecurity-magazine.com — 25.03.2026 14:30
- Is the FCC's Router Ban the Wrong Fix? — www.darkreading.com — 26.03.2026 21:48
Existing Wi-Fi and wired routers already in use are permitted to continue operating without restriction.
First reported: 25.03.2026 14:30

2 sources, 2 articles
Show sources
- US: FCC Bans Foreign-Made Routers Over National Security Concerns — www.infosecurity-magazine.com — 25.03.2026 14:30
- Is the FCC's Router Ban the Wrong Fix? — www.darkreading.com — 26.03.2026 21:48
Companies with prior FCC radio authorization for specific foreign-manufactured networking equipment may maintain imports of those approved models despite the ban.
First reported: 25.03.2026 14:30

2 sources, 2 articles
Show sources
- US: FCC Bans Foreign-Made Routers Over National Security Concerns — www.infosecurity-magazine.com — 25.03.2026 14:30
- Is the FCC's Router Ban the Wrong Fix? — www.darkreading.com — 26.03.2026 21:48
Netgear manufactures routers in Taiwan and Vietnam, making it likely to be heavily impacted by the ban.
First reported: 25.03.2026 14:30

1 source, 1 article
Show sources
- US: FCC Bans Foreign-Made Routers Over National Security Concerns — www.infosecurity-magazine.com — 25.03.2026 14:30
TP-Link, though still widely used in the U.S., has reduced its association with China via a 2022 corporate restructuring and established a global headquarters in California in 2024.
First reported: 25.03.2026 14:30

1 source, 1 article
Show sources
- US: FCC Bans Foreign-Made Routers Over National Security Concerns — www.infosecurity-magazine.com — 25.03.2026 14:30
The new FCC policy does not require immediate replacement of existing foreign-made routers, leaving consumers and small businesses to retain and use currently deployed devices indefinitely unless they choose to upgrade.
First reported: 26.03.2026 21:48

1 source, 1 article
Show sources
- Is the FCC's Router Ban the Wrong Fix? — www.darkreading.com — 26.03.2026 21:48
Critics argue the ban may increase long-term cybersecurity risk by forcing reliance on outdated, unsupported foreign-made routers as replacement options become constrained or more expensive due to reduced competition and compliance costs.
First reported: 26.03.2026 21:48

1 source, 1 article
Show sources
- Is the FCC's Router Ban the Wrong Fix? — www.darkreading.com — 26.03.2026 21:48
Security experts highlight that router compromises often stem from operational issues such as default credentials, unpatched vulnerabilities, and exposed management interfaces—not solely from manufacturing origin.
First reported: 26.03.2026 21:48

1 source, 1 article
Show sources
- Is the FCC's Router Ban the Wrong Fix? — www.darkreading.com — 26.03.2026 21:48
Only one U.S.-manufactured router model, Starlink Wi-Fi routers, was identified as compliant with the new FCC restrictions.
First reported: 26.03.2026 21:48

1 source, 1 article
Show sources
- Is the FCC's Router Ban the Wrong Fix? — www.darkreading.com — 26.03.2026 21:48
The FCC’s decision follows a White House-convened interagency assessment concluding that foreign-made routers pose unacceptable national security risks to the United States.
First reported: 26.03.2026 21:48

1 source, 1 article
Show sources
- Is the FCC's Router Ban the Wrong Fix? — www.darkreading.com — 26.03.2026 21:48

Similar Happenings

U.S. Proposed Ban on TP-Link Networking Gear

The U.S. government is considering a ban on the sale of TP-Link networking devices due to national security concerns over the company's ties to China. TP-Link denies these allegations, maintaining it operates independently and manufactures its products in Vietnam. Texas has sued TP-Link for deceptive marketing and allowing Chinese state-backed hackers to exploit firmware vulnerabilities. The ban is supported by multiple federal agencies and follows reports of Chinese state-sponsored hacking groups exploiting vulnerabilities in TP-Link routers. The proposed ban highlights broader issues with the security of consumer-grade routers, which often ship with outdated firmware and default settings that can be easily compromised.

Open in new tab

TP-Link Router Vulnerabilities Actively Exploited in the Wild

Two security flaws in TP-Link routers are being actively exploited. The vulnerabilities affect multiple router models, including the TL-WR841N and Archer C7. The flaws allow for authentication bypass and remote code execution, respectively. Affected models have reached end-of-life status, and users are advised to upgrade to newer hardware. The exploits are linked to the Quad7 botnet and a China-linked threat actor, Storm-0940. Federal agencies must apply mitigations by September 24, 2025. The vulnerabilities are CVE-2023-50224 and CVE-2025-9377. TP-Link has released firmware updates to address these issues. The affected routers have reached end-of-service status, and users are advised to upgrade to newer hardware for enhanced protection.