A new vulnerability was discovered by a Dutch security expert at EYE, saying that more than 100,000 Zyxel Firewalls and VPN gateways are exposed for attackers and hackers to compromise because of backdoor access. The access directly hands off the login credentials of an administrator that can topple the entire system's integrity.
The network equipment company based in Taiwan, Zyxel, has an imminent attack vulnerability that hid under their noses, potentially endangering their systems and users in a backdoor exposure. The dangerous access was unknown to the company and has only been revealed by the security expert recently, for the company to take action.
According to EYE, Zyxel already released an advisory and a firmware update to address the issue and protect its users from the imminent danger that may put its clients into harm's way. Most of its products were affected and are vulnerable to the attack, with majority of its clients being small to medium-scale business owners worldwide.
Zyxel Firmware Update: Answer to Stop Vulnerable Systems
Zyxel's firmware update advisory released last December aims to address the vulnerability, protecting its users and clients from the dangers which were discovered in their systems. The company has several systems that are exposed and in-danger, which means a massive rework on the platforms that have administrator access.
The systems from Zyxel include the USG, ATP, VPN, ZyWALL, and USG FLEX were affected by the vulnerability and are advised to immediately look into updating their firmware. The security expert revealed that he discovered this in late November, with Zyxel immediately following up for firmware security by the end of December.
Zyxel Vulnerability: Basic Coding Can Expose the System Says, Expert
The Dutch security expert, Niels Teusink, who revealed that he also uses the system, discovered that a plaintext password was visible on the company's binary systems. The expert also revealed that the vulnerability was seen on the firmware version before the security update, which was initially released by Zyxel.
The said account was intended by Zyxel to control and deliver all firmware updates for the company automatically and was made to serve the company's interests and needs. However, the overlooked factor became a threat against the company and its users, which would have exposed sensitive information for both parties.
A hardcoded "zyfwp" was the root cause of the problem, all linked to the company's firewalls and access point (AP) controllers which are considered to be a great deal in terms of cybersecurity. The full list of devices affected can be found through this link.
The company said that future firmware updates are soon coming to protect more of its systems and clients who were initially at risk for massive attacks that can compromise cybersecurity. Additionally, there would be a forthcoming patch for the company in April 2021, particularly for its AP Controllers with the NXC2500 and NXC5500 series.
Related Article: FBI And Other Law Enforcement Agencies Take Down Three VPN Services; Here's What They Discover
This article is owned by Tech Times
Written by Isaiah Alonzo
