minute read
Share this article:
More than 100,000 Zyxel networking products could be vulnerable to a hardcoded credential vulnerability (CVE-2020-29583) potentially allowing cybercriminal device takeover.
Security experts are warning hackers are ramping up attempts to exploit a high-severity vulnerability that may still reside in over 100,000 Zyxel Communications products.
Zyxel, a Taiwanese manufacturer of networking devices, on Dec. 23 warned of the flaw in its firmware (CVE-2020-29583) and released patches to address the issue. Zyxel devices are generally utilized by small businesses as firewalls and VPN gateways.
Fast forward to this week, several security researchers have spotted “opportunistic exploitation” of Zyxel devices that have not yet received updates addressing the vulnerability.
Also:
Device owners are advised to update systems as soon as time permits.
Security experts warn that anyone ranging from DDoS botnet operators to state-sponsored hacking groups and ransomware gangs could abuse this backdoor account to access vulnerable devices and pivot to internal networks for additional attacks. Affected modules include many enterprise-grade devices
Affected models include many of Zyxel s top products from its line of business-grade devices, usually deployed across private enterprise and government networks.
This includes Zyxel product lines such as:
the Advanced Threat Protection (ATP) series - used primarily as a firewall
the Unified Security Gateway (USG) series - used as a hybrid firewall and VPN gateway