Networking equipment vendor Zyxel has pushed security updates for a critical flaw, tracked as CVE-2022-0342 (CVSS 9.8), that affects some of its business firewall and VPN products. The vulnerability can be exploited to take control of the devices.
“Zyxel has released patches for products affected by the authentication bypass vulnerability. Users are advised to install them for optimal protection.” reads the advisory published by the company. “An authentication bypass vulnerability caused by the lack of a proper access control mechanism has been found in the CGI program of some firewall versions. The flaw could allow an attacker to bypass the authentication and obtain administrative access of the device”
The following versions are affected by the vulnerability:
Affected series | Affected firmware | Patch availability |
---|---|---|
USG/ZyWALL | ZLD V4.20 through ZLD V4.70 | ZLD V4.71 |
USG FLEX | ZLD V4.50 through ZLD V5.20 | ZLD V5.21 Patch 1 |
ATP | ZLD V4.32 through ZLD V5.20 | ZLD V5.21 Patch 1 |
VPN | ZLD V4.30 through ZLD V5.20 | ZLD V5.21 |
NSG | V1.20 through V1.33 Patch 4 | Hotfix V1.33p4_WK11* available now Standard patch V1.33 Patch 5 in May 2022 |
The vulnerability was reported by Alessandro Sgreccia from Tecnical Service Srl and Roberto Garcia H and Victor Garcia R from Innotec Security.
The vendor is recommending customers to install the firmware updates for optimal protection.
The good news is that the vendor has no evidence that the vulnerability has been exploited in attacks in the wild.
Follow me on Twitter: @securityaffairs and Facebook
[adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – hacking, Zyxel)
[adrotate banner=”5″]
[adrotate banner=”13″]
The United Nations Development Programme (UNDP) has initiated an investigation into an alleged ransomware attack…
BlackBerry reported that the financially motivated group FIN7 targeted the IT department of a large…
An international law enforcement operation led to the disruption of the prominent phishing-as-a-service platform LabHost.…
Russia-linked APT Sandworm employed a previously undocumented backdoor called Kapeka in attacks against Eastern Europe since…
Cisco has addressed a high-severity vulnerability in its Integrated Management Controller (IMC) for which publicly…
Threat actors are exploiting the CVE-2023-22518 flaw in Atlassian servers to deploy a Linux variant of…
This website uses cookies.