Security News

Zyxel Firewalls Under Attack! Urgent Patching Required
2023-06-06 04:16

The U.S. Cybersecurity and Infrastructure Security Agency on Monday placed two recently disclosed flaws in Zyxel firewalls to its Known Exploited Vulnerabilities catalog, based on evidence of active exploitation. The vulnerabilities, tracked as CVE-2023-33009 and CVE-2023-33010, are buffer overflow vulnerabilities that could enable an unauthenticated attacker to cause a denial-of-service condition and remote code execution.

Zyxel shares tips on protecting firewalls from ongoing attacks
2023-06-03 14:06

Zyxel has published a security advisory containing guidance on protecting firewall and VPN devices from ongoing attacks and detecting signs of exploitation. This warning comes in response to multiple reports of widespread exploitation of the CVE-2023-28771 and the exploitability and severity of CVE-2023-33009 and CVE-2023-33010, all impacting Zyxel VPN and firewall devices.

Zyxel firewalls under attack by Mirai-like botnet
2023-06-01 08:41

CVE-2023-28771, the critical command injection vulnerability affecting many Zyxel firewalls, is being actively exploited by a Mirai-like botnet, and has been added to CISA's Known Exploited Vulnerabilities catalog. CVE-2023-28771 is a vulnerability that allows unauthenticated attackers to execute OS commands remotely by sending crafted IKE packets to an affected device.

Active Mirai Botnet Variant Exploiting Zyxel Devices for DDoS Attacks
2023-06-01 04:17

The U.S. Cybersecurity and Infrastructure Security Agency has added a recently patched critical security flaw in Zyxel gear to its Known Exploited Vulnerabilities catalog, citing evidence of active exploitation. Federal agencies in the U.S. are mandated to update their devices by June 21, 2023.

Hackers exploit critical Zyxel firewall flaw in ongoing attacks
2023-05-31 17:54

Hackers are performing widespread exploitation of a critical-severity command injection flaw in Zyxel networking devices, tracked as CVE-2023-28771, to install malware. The flaw, which is present in the default configuration of impacted firewall and VPN devices, can be exploited to perform unauthenticated remote code execution using a specially crafted IKEv2 packet to UDP port 500 on the device.

Zyxel patches vulnerability in NAS devices (CVE-2023-27988)
2023-05-31 11:47

Zyxel has patched a high-severity authenticated command injection vulnerability in some of its network attached storage devices aimed at home users. The vulnerability was discovered in the devices' web management interface.

Week in review: Zyxel firewalls vulnerability, phishing campaign targets ChatGPT users
2023-05-28 08:00

Wireless Broadband Alliance CEO on key drivers for Wi-Fi adoption in enterprise networksThis Help Net Security interview with Tiago Rodrigues, CEO at Wireless Broadband Alliance, delves into the future of enterprise networking, exploring the significant role of Wi-Fi 6E and Private 5G. Navigating the quantum leap in cybersecurityIn this Help Net Security interview, we sit down with Dr. Atsushi Yamada, the newly appointed CEO of ISARA, a security solutions company specializing in creating quantum-safe cryptography. Barracuda email security appliances hacked via zero-day vulnerabilityA vulnerability in Barracuda Networks' Email Security Gateway appliances has been exploited by attackers, the company has warned.

Zyxel Issues Critical Security Patches for Firewall and VPN Products
2023-05-25 14:43

Zyxel has released software updates to address two critical security flaws affecting select firewall and VPN products that could be abused by remote attackers to achieve code execution. Both the flaws - CVE-2023-33009 and CVE-2023-33010 - are buffer overflow vulnerabilities and are rated 9.8 out of 10 on the CVSS scoring system.

Zyxel warns of critical vulnerabilities in firewall and VPN devices
2023-05-25 13:31

Zyxel is warning customers of two critical-severity vulnerabilities in several of its firewall and VPN products that attackers could leverage without authentication. CVE-2023-33009: A buffer overflow vulnerability in the notification function in some Zyxel products, allowing an unauthenticated attacker to perform remote code execution or impose DoS conditions.

Vulnerability in Zyxel firewalls may soon be widely exploited (CVE-2023-28771)
2023-05-22 10:28

A recently fixed command injection vulnerability affecting a variety Zyxel firewalls may soon be exploited in the wild, Rapid7 researchers have warned, after publishing a technical analysis and a PoC script that triggers the vulnerability and achieves a reverse root shell. Zyxel APT, USG FLEX, and VPN firewalls running versions v4.60 to v5.35 of the ZDL firmware, and.