FCC moves to block new foreign-made routers

In a nasty surprise, the FCC placed all foreign-made routers on the so-called covered products list, effectively banning the sale of new products in the United States.

This decision follows the FCC’s national security ruling, which concluded that routers used by individuals and home offices could be attacked by foreign actors. As a result, “routers produced in a foreign country” will be added to the covered list. This means that no future routers manufactured in a foreign country will receive an FCC license to be sold in the United States.

And the list of countries covered has some teeth. At one time, products made by Huawei, like this Matebook laptop, were sold in the United States. Phones like the Huawei Mate 10 were too. On March 12, 2021, however, the FCC created the covered list. Huawei was on the original list and its products disappeared from US store shelves, as did ZTE’s telecommunications products as well as Kaspersky Lab’s anti-malware products.

Today, the FCC ruled that foreign-made routers are too vulnerable to attacks to be sold in the United States.

Being on the covered list does not necessarily mean that Americans will not be allowed to own routers on the list or, conversely, that retailers will not be allowed to own routers on the list. will be able to sell old inventory. In this sense, it is not a formal ban.

“Today’s action does not impact a consumer’s continued use of previously acquired routers,” the FCC said in a statement. “It also does not prevent retailers from continuing to sell, import, or market router models previously approved through the FCC’s equipment authorization process. Pursuant to the FCC’s Covered List rules, the restrictions imposed today apply to new device models.”

On the other hand, being added to the list of covered products may serve a similar purpose: the FCC must allow all new devices that emit radio waves to be sold in the United States. If the FCC refuses to authorize new routers produced outside the United States, they simply won’t be sold. At this point, a retailer might decide to sever its relationship with a company entirely.

There is a real possibility that this will happen as well. After Huawei was placed on the covered list in 2021, existing approved devices could still be sold in the United States. But in October 2025, FCC Chairman Brendan Carr said the agency would vote to “establish a process for the FCC to prohibit the importation, marketing, or sale of previously authorized devices that the agency subsequently placed on the covered list for national security reasons.” The agency did so, creating a mechanism to prevent the sale of these devices.

Are routers too insecure?

Experts have long warned that routers are one of the least secure ways to access a home network, precisely because consumers don’t update them as often as they should. This can lead to catastrophic vulnerabilities or simply persistent flaws that can be easily patched.

The FCC said it believes foreign-made routers now pose too many security risks, period.

“Recently, malicious cyberattackers, state-sponsored and non-state-sponsored, have increasingly exploited vulnerabilities in foreign-produced small office and home office routers to conduct direct attacks against U.S. civilians in their homes,” the FCC national security ruling concludes. “From disrupting network connectivity to enabling spying on local networks and theft of intellectual property, foreign-produced routers pose unacceptable risks to Americans.

“Additionally, foreign-produced routers were directly involved in the Volt, Flax, and Salt Typhoon cyberattacks that targeted critical U.S. communications, energy, transportation, and water infrastructure,” the statement added. “Routers in the United States must have reliable supply chains so that we do not provide foreign actors with a built-in backdoor into American homes, businesses, critical infrastructure and emergency services.”

According to the FCC, the determination applies to all routers “produced” in a foreign country, although the FCC did not specify whether this meant foreign companies that manufacture routers or domestic router companies with manufacturing operations abroad or that use foreign subcontractors. Many router manufacturers are headquartered in the United States, including Netgear and Linksys, but many manufacture their devices overseas. (Netgear uses various contract manufacturers, including Taiwan’s Foxconn, according to a Form 10-K filed in 2025.) Conversely, a company like TP-Link, founded in China, has established its international headquarters in the United States.

“Virtually all routers are manufactured outside the United States, including those produced by U.S.-based companies like TP-Link, which manufactures its products in Vietnam,” a TP-Link spokesperson said in a statement. “It appears that the entire router industry will be impacted by the FCC’s announcement regarding new devices not previously authorized by the FCC. TP-Link is confident in the security of our supply chain and we welcome this assessment of the entire industry.”

Broadcom and Netgear did not immediately respond to a request for comment. PCWorld requested comment from the FCC after hours.

The FCC, however, listed several exemptions, described as “conditional approvals” by the agency. However, none of them are consumer routers: they include control mechanisms for drones, including those made by SiFly, Mobilicom, the ScoutDI Scout 137 drone system, and the Verge Aero X1 drone system.

This story was updated at 5:19 p.m. on March 23 with additional comment from TP-Link.