Zyxel vulnerability makes attacker administrator of firewall

Network manufacturer Zyxel warns of a critical vulnerability that could allow an attacker to become administrator of Zyxel firewalls. The devices contain a vulnerability that could allow an attacker to bypass authentication and gain administrative access to the device. The impact of the leak, designated CVE-2022-0342, has been rated 9.8 on a scale of 1 to 10. Zyxel has released firmware updates for several firewall series: the USG/ZyWALL, USG FLEX, ATP, VPN and NSG. Last year, another vulnerability in these devices was still actively used in attacks. Zyxel therefore advises customers to install the update for “optimal protection”.

en_USEN