• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
Secret Backdoor Account Found In Several Zyxel Firewall, Vpn Products

Secret Backdoor Account Found in Several Zyxel Firewall, VPN Products

You are here: Home / General Cyber Security News / Secret Backdoor Account Found in Several Zyxel Firewall, VPN Products

Zyxel has produced a patch to handle a critical vulnerability in its firmware regarding a hardcoded undocumented top secret account that could be abused by an attacker to login with administrative privileges and compromise its networking gadgets.

The flaw, tracked as CVE-2020-29583 (CVSS rating 7.8), affects version 4.60 existing in vast-selection of Zyxel products, which includes Unified Security Gateway (USG), USG FLEX, ATP, and VPN firewall solutions.

EYE researcher Niels Teusink claimed the vulnerability to Zyxel on November 29, adhering to which the enterprise unveiled a firmware patch (ZLD V4.60 Patch1) on December 18.

✔ Approved Seller by TheCyberSecurity.News From Our Partners
Avast Ultimate Suite 2021

Protect yourself against all threads using AVAST Ultimate Suite. AVAST Ultimate Suite protects your Windows, macOS and your Android via Avast Premium. In addition it comes with AVAST's well-known VPN service SecureLineVPN. Therefore, it will be a security and privacy in one package.

Get AVAST Ultimate Suite with 65% discount certified seller: SerialCart® (Limited Offer).

➤ Activate Your Coupon Code


In accordance to the advisory revealed by Zyxel, the undocumented account (“zyfwp”) arrives with an unchangeable password (“PrOw!aN_fXp”) that’s not only stored in plaintext but could also be used by a malicious 3rd-party to login to the SSH server or web interface with admin privileges.

Zyxel mentioned the hardcoded credentials ended up put in position to provide automated firmware updates to connected entry factors by FTP.

Noting that close to 10% of 1000 equipment in the Netherlands run the afflicted firmware version, Teusink mentioned the flaw’s relative ease of exploitation helps make it a critical vulnerability.

“As the ‘zyfwp’ person has admin privileges, this is a critical vulnerability,” Teusink claimed in a publish-up. “An attacker could wholly compromise the confidentiality, integrity and availability of the machine.”

“A person could for instance adjust firewall settings to make it possible for or block sure website traffic. They could also intercept site visitors or generate VPN accounts to acquire entry to the network powering the device. Merged with a vulnerability like Zerologon this could be devastating to little and medium businesses.”

The Taiwanese organization is also anticipated to address the issue in its obtain level (AP) controllers with a V6.10 Patch1 which is established to be unveiled in April 2021.

It really is hugely recommended that buyers put in the necessary firmware updates to mitigate the risk involved with the flaw.

Found this write-up intriguing? Comply with THN on Facebook, Twitter  and LinkedIn to examine far more distinctive material we article.


Some elements of this write-up are sourced from:
thehackernews.com

Previous Post: «Inbox Attacks: The Miserable Year (2020) That Was Inbox Attacks: The Miserable Year (2020) That Was
Next Post: Ticketmaster To Pay $10 Million Fine For Hacking A Rival Company Ticketmaster To Pay $10 Million Fine For Hacking A Rival»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Recent Posts

  • Big Tech Bans Social Networking App
  • Lack of Funding Could Lead to “Lost Generation” of Cyber-Startups
  • Unveiled: SUNSPOT Malware Was Used to Inject SolarWinds Backdoor
  • ‘I’ll Teams you’: Employees assume security of links, file sharing via Microsoft comms platform
  • DarkSide decryptor unlocks systems without ransom payment – for now
  • Researchers see links between SolarWinds Sunburst malware and Russian Turla APT group
  • Millions of Social Profiles Leaked by Chinese Data-Scrapers
  • Feds will weigh whether cyber best practices were followed when assessing HIPAA fines
  • SolarWinds Hack Potentially Linked to Turla APT
  • 10 quick tips to identifying phishing emails

Copyright © TheCyberSecurity.News, All Rights Reserved.