Critical Zyxel firewall vulnerability under active exploitation

Source: NCSC-FI (Finland)
Link: https://www.kyberturvallisuuskeskus.fi/en/haavoittuvuus_18/2021
Published: 2021-06-29

Summary

Zyxel notified that an advanced adversary is exploiting a vulnerability in specific firewall devices. Exploits began on June 22. Zyxel released a patch and mitigation instructions.

Key Points

• Vendor: Zyxel network devices
• Affected products: Specific firewall devices
• Exploitation status: Active exploitation by advanced adversary
• Exploitation start: June 22, 2021
• Fix available: Patch and mitigation instructions released
• Severity: Critical

Impact

Active exploitation by advanced adversary suggests targeted attacks on Zyxel firewall users. Organizations must prioritize patching perimeter security devices.