Newest security incident (Remote mng, SSL VPN)

kyssling Posts: 68  Ally Member
Hello, are we affected by the latest security incident with FW V4.62(AAPH.0)ITS-WK02-r98140, or is this security problem only with ZLD firmware for USG110?

Answers

  • mMontana Posts: 424  Master Member
    I had some verifications among different devices (USG20-VPN, USG20W-VPN, USG40, USG60, USG60W) and I found unwanted users.
    For all devices, firmware version 4.63 (not the latest one, according to this topic)

  • Zyxel_Stanley Posts: 963  Zyxel Employee

    Hi @kyssling,
    Based on our investigation so far, a small subset of Zyxel security appliances is targeted. Currently we haven’t observed any direct correlation with specific firmware versions. The most effective way is to check whether any unknown SSL VPN user account, such as “zyxel_sllvpn”, “zyxel_ts”, or “zyxel_vpn_test”, has been created. If not, your device is not affected; please follow the mitigations below as a precaution.

Security Highlight