A critical vulnerability discovered in a number of Zyxel networking appliances is being abused in the wild, cybersecurity researchers are saying, urging users to apply a fix now.
A flaw tracked as CVE-2023-28771 was recently discovered affecting different devices belonging to multiple lineups: ATP, USG FLEX – ZLD, VPN – ZLD, and ZyWALL/USG – ZLD. The flaw was described as a critical severity command injection flaw that allows threat actors to install malware on the affected endpoints.
The devices need to be in default configuration mode for the attackers to be able to perform unauthenticated remote code execution via a specially designed IKEv2 packet.
Numerous devices affected
Zyxel released a patch for the flaw in late April this year, and the Cybersecurity and Infrastructure Security Agency (CISA) has now pushed a warning, urging federal agencies to patch their endpoints by June 21, as the flaw is being actively leveraged. BleepingComputer also reported that cybersecurity researchers from Rapid7 also confirmed threat actors abusing the flaw.
One of the groups actively engaged in targeting vulnerable Zyxel devices is Mirai, that’s been expanding its botnet since May 26.
Mirai is usually used for distributed denial of service (DDoS) attacks, but the infected devices can be used for different kinds of cyberattacks.
The news comes less than a week since Zyxel reported discovering two critical vulnerabilities in some of its networking gear. Both of these vulnerabilities are buffer overflows, allowing for denial-of-service (DoS) attacks, as well as remote code execution (RCE), and both were found in some of Zyxel’s firewall and VPN products, and carry a severity score of 9.8 (critical). They are being tracked as CVE-2023-33009, and CVE-2023-33010.
“Zyxel has released patches for firewalls affected by multiple buffer overflow vulnerabilities,” the company’s security advisory reads. “Users are advised to install them for optimal protection.”.
Via BleepingComputer
English
Arabic
Belarusian
Bengali
Bosnian
Bulgarian
Chinese (Simplified)
Croatian
Czech
Danish
Dutch
Estonian
Filipino
Finnish
French
Georgian
German
Greek
Gujarati
Hausa
Hebrew
Hindi
Hmong
Hungarian
Igbo
Indonesian
Italian
Japanese
Javanese
Kazakh
Korean
Kurdish (Kurmanji)
Kyrgyz
Lao
Latvian
Lithuanian
Macedonian
Malagasy
Norwegian
Persian
Polish
Portuguese
Punjabi
Romanian
Russian
Serbian
Slovak
Slovenian
Spanish
Swedish
Thai
Turkish
Ukrainian
Vietnamese
Yoruba