Security News > 2020 > February > Zyxel 0day Affects its Firewall Products, Too

Zyxel 0day Affects its Firewall Products, Too
2020-02-26 14:43

On Monday, networking hardware maker Zyxel released security updates to plug a critical security hole in its network attached storage devices that is being actively exploited by crooks who specialize in deploying ransomware.

Today, Zyxel acknowledged the same flaw is present in many of its firewall products.

Alex Holden, the security expert who first spotted the code for sale, said at the time the vulnerability was so "Stupid" and easy to exploit that he wouldn't be surprised to find other Zyxel products were similarly affected.

"We've now completed the investigation of all Zyxel products and found that firewall products running specific firmware versions are also vulnerable," Zyxel wrote in an email to KrebsOnSecurity.

Hopefully, your vulnerable, unsupported Zyxel NAS isn't being protected by a vulnerable, unsupported Zyxel firewall product.


News URL

https://krebsonsecurity.com/2020/02/zyxel-0day-affects-its-firewall-products-too/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Zyxel 378 0 69 85 46 200