Zyxel raises the alarm over new security holes in firewalls, other products
Patch up immediately, the company says
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
Networking gear manufacturer Zyxel has warned customers of multiple vulnerabilities recently discovered in a number offirewalls, AP and AP controller products. The vulnerabilities can be exploited to steal various data from the devices, crash them, run arbitrary OS commands and disable multi-factor authentication.
In isolation, the vulnerabilities aren’t particularly threatening, but they can be chained together to perform a more devastating attack. Given that many large enterprises use Zyxel gear, the company has urged its customers to patch up theirendpointsimmediately.
The four flaws in question are tracked as CVE-2022-0734, a CSS vulnerability in the CGI component; CVE-2022-26531, an improper validation flaw in some CLI commands; CVE-2022-26532, a command injection flaw in some CLI commands; and CVE-2022-0910 (6.5), an authentication bypass vulnerability in the CGI component.
Share your thoughts on Cybersecurity and get a free copy of the Hacker’s Manual 2022. Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at theend of this surveyto get the bookazine, worth $10.99/£10.99.
Numerous devices affected
The devices affected by the flaws include USG/ZyWALL, USG FLEX, ATP,VPN, NSG firewalls, NXC2500 and NXC5500 AP controllers, and a range of Access Point products, including models of the NAP, NWA, WAC, and WAX series.
While the fixes are already available for most of the affected endpoints, administrators must ask their local service representative for AP controllers hotfix, as these are not available to the general public.
WatchGuard firewalls exploited by Russian hackers, CISA warns>This devious cyberattack might be selling off your internet bandwidth>These popular VPNs, firewalls are actively under attack
AsBleepingComputernotes, US companies should make sure topatchup as soon as possible, given that they are heading into a holiday weekend. Threat actors are known to increase their activities during weekends and holidays, as those are the days when IT departments usually operate with a skeleton team.
Zyxel is a popular target for cybercrooks. Earlier this month, its VPN and firewall products were under attack, when a critical vulnerability tracked as CVE-2022-30525 - present in ATP, VPN and some USG FLEX series products - was discovered.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
This flaw allowed threat actors to bypass authentication and achieve remote code execution.
ViaBleepingComputer
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
Dangerous Android banking malware looks to trick victims with fake money transfers
Sophos Firewall hack on government network used an all-new custom malware
Don’t wait until Black Friday, this year’s best Nintendo Switch bundles are on sale now
