Security News > 2020 > March > New Mirai Variant Delivered to Zyxel NAS Devices Via Recently Patched Flaw

New Mirai Variant Delivered to Zyxel NAS Devices Via Recently Patched Flaw
2020-03-20 19:47

A new variant of the notorious Mirai malware has been delivered by cybercriminals to network-attached storage devices made by Zyxel through the exploitation of a recently patched vulnerability.

Zyxel informed customers last month that some of its NAS devices and firewalls are affected by a critical vulnerability - tracked as CVE-2020-9054 - that can be exploited by a remote, unauthenticated attacker to execute arbitrary code on affected devices.

Researchers at Palo Alto Networks first spotted attacks involving the Zyxel device vulnerability on March 12.

The cybersecurity firm says malicious hackers have been exploiting the weakness to deliver a Mirai variant named Mukashi.

The attackers have exploited the Zyxel vulnerability to execute code and download the malware to NAS devices.


News URL

http://feedproxy.google.com/~r/Securityweek/~3/Ib40RlzwGvo/new-mirai-variant-delivered-zyxel-nas-devices-recently-patched-flaw

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2020-03-04 CVE-2020-9054 OS Command Injection vulnerability in Zyxel products
Multiple ZyXEL network-attached storage (NAS) devices running firmware version 5.21 contain a pre-authentication command injection vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable device.
network
low complexity
zyxel CWE-78
critical
9.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Zyxel 378 0 69 85 46 200