Newest security incident (Remote mng, SSL VPN)

kyssling
kyssling Posts: 107  Ally Member
First Comment First Answer Friend Collector Sixth Anniversary
in Security
Hello , are we affected by latest security incident with FW V4.62(AAPH.0)ITS-WK02-r98140 or this security problem is only with  ZLD firmware for USG110 ?

All Replies

  • mMontana
    mMontana Posts: 1,428  Guru Member
    Zyxel Certified Network Administrator - Security Zyxel Certified Network Administrator - Switch 50 Answers 1000 Comments
    I had some verifications among different devices (USG20-VPN, USG20W-VPN, USG40, USG60, USG60W) and i found unwanted users.
    For all devices, firmware version 4.63 (not the latest one, according to this topic)

  • Zyxel_Stanley
    Zyxel_Stanley Posts: 1,397  Zyxel Employee
    100 Answers 1000 Comments Friend Collector Seventh Anniversary

    Hi @kyssling
    Based on our investigation so far, a small subset of Zyxel security appliances is targeted. Currently we haven’t observed any direct correlation with specific firmware versions. The most effective way is to check if there is any unknown SSL VPN user account, such as “zyxel_sllvpn”, “zyxel_ts”, or “zyxel_vpn_test”, has been created. If not, your device is not affected, and please follow the mitigations below as a precaution.

Categories

Security Help Center

EnglishTiếng ViệtРусскийไทย中文(台灣)