CyberNews Briefs

Over 20,000 Zyxel Firewalls Still Exposed to Critical Bug

According to security researchers, over 20,000 Zyxel Firewalls remain vulnerable to critical bug that was patched by the vendor back in April. The flaw lies in the ATP series, VPN series, and USG FLEX series of the firewall product. Security company Rapid7 discovered and disclosed the vulnerability in April of this year, tracked as CVE-2022-30525. The bug can result in a remote and unauthenticated attacker obtaining the ability to achieve arbitrary code execution on infected devices. Therefore, the security vulnerability ranks as high severity.

The vulnerability is the result of a faulty setWanPortSt command, according to security researchers. Customers of the firewall should implement the patch immediately, according to security researchers and Zyxel.

Read More: Over 20,000 Zyxel Firewalls Still Exposed to Critical Bug

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.