The US Cybersecurity and Infrastructure Security Agency (CISA) announced that a vulnerability in some Zyxel network-attached storage (NAS) products has been exploited. The Taiwanese company advised its users that some of its NAS326, NAS540, AND NAS542 devices were vulnerable last week. Products running firmware versions newer than 5.21 are safe, but many products were not updated since this announcement.
Zyxel explained that a pre-authentication injection vulnerability allowed attackers to execute operating system commands remotely. The bug, CVE-2023-27992, was patched in Zyxel’s June 20 updates. CISA updated its Known Exploited Vulnerabilities Catalog with CVE-2023-27992 on June 23 and urged federal agencies to take action by July 14. The details are not public, but CISA is known to be the first to disclose the exploitation of a flaw. Zyxel strongly advises its customers to install patches to protect themselves from the exploited bug.
Read More: