The U.S. Federal Communications Commission (FCC) has essentially banned all network routers produced in foreign countries, updating its Covered List to include such devices and prevent them from receiving equipment authorization required for importation and sale in the United States.
The action stems from a national security determination by an Executive Branch interagency body, which concluded that foreign-produced routers pose unacceptable risks to U.S. communications networks, critical infrastructure and public safety. Federal officials cited concerns that supply-chain vulnerabilities and cybersecurity weaknesses in consumer networking hardware could be exploited for espionage, network disruption and other malicious activity.
Under the Secure and Trusted Communications Networks Act, equipment placed on the FCC’s Covered List is prohibited from obtaining new equipment authorizations. Because most electronic communications devices must be certified before they can be marketed or sold domestically, the decision effectively blocks new foreign-made router models from entering the U.S. market.
The FCC clarified that the update does not affect routers already authorized, imported or in use. Previously approved devices may continue to be sold and deployed, and consumers are not required to replace existing equipment.
Manufacturers can seek exemptions through a conditional approval process administered by federal security agencies. To qualify, producers must provide detailed information about component sourcing, software control, manufacturing locations, and plans to establish or expand U.S.-based production. Conditional approvals, if granted, allow specific devices or product classes to proceed through the equipment authorization process.
How this could impact integrators
The U.S. government, citing cybersecurity concerns, has previously considered banning devices from manufacturers such as TP-Link, a major supplier of consumer-grade routers, ostensibly due to its headquarters being in China. Given the recent geopolitical tensions and outbreak of conflict in Europe and the Middle East, this move appears to be a response.
However, that’s not to say these concerns aren’t unfounded. In fact, smart home devices are inherently insecure. A CE Pro analysis of publicly disclosed vulnerabilities in CEDIA market brands does in fact find many networking products from several manufacturers contain a long list of vulnerabilities, many of which were exploited by hackers before they could be patched.
Other industry research finds routers are a common source of cybersecurity issues in smart homes. A recent report from NETGEAR and cybersecurity firm Bitdefender finds that routers especially are increasingly compromised as part of DDoS attacks. The same report found that the average smart home faces 29 cyberattacks a day.
The move expands the scope of the FCC’s Covered List, which previously targeted telecommunications equipment, surveillance systems, cybersecurity software and uncrewed aircraft technologies tied to national security concerns. By extending restrictions to consumer networking hardware, the decision underscores heightened federal scrutiny of connected devices viewed as potential entry points into domestic communications infrastructure.
For integrators and networking professionals, the ruling could influence vendor selection and long-term product planning, particularly in projects that rely on advanced networking infrastructure. Manufacturers typically begin announcing and launching new products between now and CEDIA Expo/CIX, currently scheduled for Sept. 1-4. Now, actually getting those next-generation products imported will seemingly take some jumping through hoops.
While the immediate impact is limited to future product approvals, the broader policy direction signals ongoing efforts to reshape supply chains and strengthen domestic production of critical communications technologies.
The FCC said it will continue updating the Covered List as additional national security determinations are issued and will provide guidance to certification bodies and testing labs on implementation of the new requirements.
Another version of this article originally appeared on our sister-site CE Pro on March 24, 2026. It has since been updated for Commercial Integrator’s audience.
