Zyxel patches critical vulnerability that can allow Firewall and VPN hijacks

By Josephine J. Romero

Apr 5, 2022

Hardware maker Zyxel has issued patches for a critical security flaw that gives malicious hackers the means to take control of a wide range of firewalls and VPN products the company sells to businesses.

The flaw is an authentication bypass vulnerability that stems from the lack of a proper access-control mechanism in the CGI (common gateway interface) of affected devices, the company said. Access control refers to a set of policies that rely on passwords and other forms of authentication to ensure resources or data are available only to authorized people. The vulnerability is tracked as CVE-2022-0342.

“The flaw could allow an attacker to bypass the authentication and obtain administrative access of the product,” Zyxel said in an advisory. The severity rating is 9.8 out of a possible 10.

The vulnerability is present in the following devices:

| Affected series | Affected firmware version | Patch availability |
|---|---|---|
| USG/ZyWALL | ZLD V4.20 through ZLD V4.70 | ZLD V4.71 |
| USG FLEX | ZLD V4.50 through ZLD V5.20 | ZLD V5.21 Patch 1 |
| ATP | ZLD V4.32 through ZLD V5.20 | ZLD V5.21 Patch 1 |
| VPN | ZLD V4.30 through ZLD V5.20 | ZLD V5.21 |
| NSG | V1.20 through V1.33 Patch 4 | Hotfix V1.33p4_WK11* available now; standard patch V1.33 Patch 5 in May 2022 |
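The version ranges in the table above can be checked against a device inventory. The following is an added example, not code from Zyxel or from the original article; the inventory entries are constructed, and it assumes that an upper bound listed without a patch level covers every patch level of that release.

```python
import re

# Inclusive affected ranges copied from the table above: series -> (first, last).
AFFECTED = {
    "USG/ZyWALL": ("ZLD V4.20", "ZLD V4.70"),
    "USG FLEX": ("ZLD V4.50", "ZLD V5.20"),
    "ATP": ("ZLD V4.32", "ZLD V5.20"),
    "VPN": ("ZLD V4.30", "ZLD V5.20"),
    "NSG": ("V1.20", "V1.33 Patch 4"),
}

_VERSION = re.compile(r"V(\d+)\.(\d+)(?:\s+Patch\s+(\d+))?", re.IGNORECASE)


def parse_version(text, open_patch=0):
    """Turn 'ZLD V5.21 Patch 1' into (5, 21, 1); a missing patch becomes open_patch."""
    match = _VERSION.search(text)
    if not match:
        raise ValueError(f"unrecognised firmware string: {text!r}")
    major, minor, patch = match.groups()
    return (int(major), int(minor), int(patch) if patch else open_patch)


def is_affected(series, firmware):
    """True/False for a listed series, None when the series is not in the table."""
    bounds = AFFECTED.get(series)
    if bounds is None:
        return None
    low = parse_version(bounds[0])
    # Assumption: 'through ZLD V4.70' includes V4.70 at any patch level.
    high = parse_version(bounds[1], open_patch=float("inf"))
    return low <= parse_version(firmware) <= high


def audit(inventory):
    """Return the hosts whose series and firmware fall inside an affected range."""
    return [host for host, series, fw in inventory if is_affected(series, fw)]


# Constructed sample inventory: (hostname, series, reported firmware).
SAMPLE_INVENTORY = [
    ("fw-branch-01", "USG FLEX", "ZLD V5.10"),
    ("fw-hq-01", "ATP", "ZLD V5.21 Patch 1"),
    ("vpn-dc-01", "VPN", "ZLD V4.30"),
    ("nsg-lab-01", "NSG", "V1.33 Patch 5"),
]

if __name__ == "__main__":
    print("Needs patching:", audit(SAMPLE_INVENTORY))
```

An NSG unit running V1.33 Patch 4 with the hotfix applied still reports as affected here, since the parser does not recognise hotfix build strings; verify those devices by hand.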

The advisory comes after other hardware makers have recently reported that their products have similar vulnerabilities that are being actively exploited in the wild. Sophos, for example, said that an authentication bypass vulnerability allowing remote code execution was recently fixed in the Sophos Firewall v18.5 MR3 (18.5.3) and older. CVE-2022-1040 was already being used to target organizations, primarily in Asia.

Trend Micro also warned that hackers were exploiting a vulnerability in its Trend Micro Apex Central that made it possible to upload and execute malicious files. The flaw is tracked as CVE-2022-26871.

Zyxel credited the discovery of CVE-2022-0342 to Alessandro Sgreccia from Tecnical Assistance SrL and Roberto Garcia H and Victor Garcia R from Innotec Safety. There are no known reports of the vulnerabilities being actively exploited.


