CyberNews Briefs

Zyxel urges customers to patch critical firewall bypass vulnerability

Taiwanese networking giant Zyxel released a security advisory urging its customers to patch a critical flaw that can lead to the circumvention of firewall protection. The vulnerability has a CVSS score of 9.8, making it highly severe, and affects Zyxel USG, ZyWALL, FLEX, ATP, VPN, and NSG product lines. The flaw has been described as an authentication bypass error that is caused by a failure in the access control mechanisms.

The bug is currently present in a number of CGI programs that are embedded in firewall software. Zyxel has released patches for the software impacted by the flaw, and users should implement them immediately. Zyxel noted that the patches only apply to products still in their support period. The company launched an investigation into the vulnerability to find out more about its nature. Legacy product users are more vulnerable than others, according to Zyxel.

Read More: Zyxel urges customers to patch critical firewall bypass vulnerability

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.