Sign In

Communications of the ACM

ACM TechNews

Zyxel Remote Execution Bug Being Exploited

View as: Print Mobile App Share:
The zyxel USG 100 firewall, one of the affected products.

The Shadowserver Foundation said it had seen exploitation kick off on May 13, and urged users of the affected products to patch them immediately.

Credit: Zyxel

Researchers at the cybersecurity software company Rapid7 found a bug in Zyxel firewalls that could enable unauthenticated remote attackers to execute code.

The affected firewall models include Zyxel's VPN and ATP series and USG 100(W), 200, 500, 700, and Flex 50(W)/USG20(W)-VPN.

The Shadowserver Foundation pegs the number of affected models at more than 20,800.

The vulnerability was first reported on April 13, with patches released silently by Zyxel on April 28.

Said Rapid7's Jake Baines, "We're releasing this disclosure early in order to assist defenders in detecting exploitation and to help them decide when to apply this fix in their own environments, according to their own risk tolerances. In other words, silent vulnerability patching tends to only help active attackers, and leaves defenders in the dark about the true risk of newly discovered issues."

From ZDNet
View Full Article


Abstracts Copyright © 2022 SmithBucklin, Washington, DC, USA


No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account