Threat Intelligence Blog
Contact us to discuss any insights from our Blog, and how we can support you in a tailored threat intelligence report.
Black Arrow Cyber Advisory 27/05/2022 – Multiple Zyxel Vulnerabilities identified for Firewalls and Access Points
Black Arrow Cyber Advisory – Multiple Zyxel Vulnerabilities identified for Firewalls and Access Points
Executive Summary
Several vulnerabilities have been disclosed within Zyxel products, affecting firewalls, access point controllers and access points produced by the company. Most of these vulnerabilities require a locally authenticated user, and therefore could be used for further attacks if a local user account is compromised.
Executive Summary
Executive Summary
A critical flaw has been discovered within Zyxel Firewall products, allowing for a malicious user to bypass the Authentication requirement on the device, enabling unauthorised privileged access. The bug impacts several Zyxel Firewall Network Access Control (NAC) systems as detailed within the technical summary. The bug, achieves a 9.8 on the Common Vulnerability Scoring System (CVSS).
What’s the risk to my business?
Due to the severity of the bug, and the ability for attackers to gain unauthorised privileged access to critical perimeter defence, the risk to businesses operating affected Zyxel Firewalls is high.
What can I do?
The bug has been reported, and a patch has been issued. Businesses operating these devices are urged to implement as soon as possible.
Technical Summary
Zyxel have issued a patch for bug CVE-2022-0342, which was disclosed on 03/28/2022. Zyxel’s investigation has only been focused on devices within their warranty and support period. The following Zyxel products are confirmed to be affected, with the appropriate patches listed:
· USG/ZyWALL, running version ZLD V4.20 to ZLD V4.70 | Fixed in Patch ZLD V4.71
· USG FLEX, running version ZLD V4.50 to ZLD V5.20 | Fixed in Patch ZLD V5.21 Patch 1
· ATP, running version ZLD V4.32 to ZLD V5.20 | Fixed in Patch ZLD V5.21 Patch 1
· VPN, running version ZLD V4.30 to ZLD V5.20 | Fixed in Patch ZLD V5.21
· NSG, running version V1.20 to V1.33 Patch 4 | Fixed in Hotfix V1.33p4_WK11, available from vendor. Fix will be included in standard patch V1.33 Patch 5 when released in May 2022.
Need help understanding your gaps, or just want some advice? Get in touch with us.
#threatadvisory #threatintelligence #cybersecurity