Zyxel shares tips on protecting firewalls from ongoing attacks
Zyxel has published a security advisory containing guidance on protecting firewall and VPN devices from ongoing attacks and detecting signs of exploitation. [...]
Zyxel makes networking devices and software whose vulnerabilities, security advisories, and updates can affect access controls, data, and connected networks.
Search across headline titles and summaries.
Background for this topic.
Zyxel is a networking-equipment vendor whose products include routers, firewalls and VPN gateways, switches, wireless access points, and some network-attached storage devices. These systems provide connectivity and, in many deployments, sit at the network edge or enforce access between internal networks and the internet. Their firmware and web-based administration interfaces are therefore central to how the equipment is configured and secured.
Security advisories for Zyxel devices matter because flaws in firmware or management services can enable unauthorized administration, configuration changes, or access through exposed WAN, VPN, or web interfaces. Risk depends on the affected model, firmware version, exposure, and configuration; it is not uniform across the product range. Defenders should maintain an accurate device inventory, track model-specific advisories, restrict management access to trusted networks, disable unnecessary internet-facing services, and apply supported updates promptly. Devices that are end-of-support or cannot be patched may require isolation or replacement, while logs and configuration changes can help identify attempted compromise.
Zyxel has published a security advisory containing guidance on protecting firewall and VPN devices from ongoing attacks and detecting signs of exploitation. [...]
Hackers are performing widespread exploitation of a critical-severity command injection flaw in Zyxel networking devices, tracked as CVE-2023-28771, to install malware. [...]