Zyxel security advisory: protecting against recent firewall threats

Zyxel_May
Zyxel_May Posts: 166  Zyxel Employee
First Comment Fourth Anniversary

Summary

Zyxel is aware of recent attempts by threat actors to target Zyxel firewalls through previously disclosed vulnerabilities, as reported in Sekoia’s blog post. We confirm that the reported issues are not reproducible on firmware version 5.39, released on September 3, 2024.

To safeguard devices, we have strongly urged users to update their firmware and change admin passwords. These updates are critical to mitigating the risk of threat actors exploiting previously disclosed vulnerabilities in Zyxel security appliances.

What should you do?

To protect your network and prevent possible attacks, we strongly recommend the following proactive measures:

  • Update Firmware: Immediately update your device to the latest firmware version.
  • Disable Remote Access: If updates cannot be applied immediately, temporarily disable remote access to your device until the firmware is patched.
  • Review Best Practices: Review general cybersecurity guidelines [here].

Got a question?

Please contact your local service rep or visit Zyxel’s Community for further information or assistance.

Revision history

2024-11-21: Initial release