Security updates: Root hole threatens Zyxel firewalls

Attackers could target vulnerabilities in Zyxel firewalls and, in the worst case, execute their own commands with root privileges. Security updates are available.

The root vulnerability (CVE-2022-30526) has a threat level of “high“ classified. Local attackers could attack the CLI command component here. By successfully exploiting the second vulnerability (CVe-2022-2030 “medium’) attackers could gain unauthorized access to files.

According to an alert, the following series are vulnerable:

ATP series
USG FLEX 50(W) / USG20(W) VPN
USG FLEX 100(W), 200, 500, 700
USG/ZyWALL
VPN Series

Against the attacks is the version ZLD V5.31 secured. If you use the USG/ZyWALL series, you must use the secured firmware release ZLD V4.72 get it from support.

(of)

To home page

secIT Digital: How to protect companies from targeted cyber attacks

Microsoft confirms Windows printing problems after update

Hoping for a return: what chances AirPort, HomePod, MacBook and iMac Pro have

Artificial intelligence: Nvidia AI Enterprise 2.1 is connected to OpenShift

Apache Flink Kubernetes Operator: Version 1.1.0 offers native Kubernetes events

iX Workshop: Hardening Linux Servers | hot online

Shop system: Attackers copy credit card data from PrestaShop websites

Tumbling graphics card prices: Nvidia’s high-end GeForces are becoming cheaper

Paying in the browser: W3C presents first draft for Payment Request API 1.1

Security updates: Root hole threatens Zyxel firewalls | hot online