[2025 Jan Tips & Tricks] Take Control of Your Security: Enable 2FA on Your Zyxel Firewalls
We’ve said it countless times, but it’s worth repeating: Enable two-factor authentication (2FA) for administrative logins!
This critical recommendation arises from the latest vulnerability disclosures, underscoring the importance of proactive measures. Let’s break it down to safeguard what matters most.
CVE-2024-11667: Key Details and Mitigation
Published: November, 2025
Zyxel has identified and addressed active exploitation attempts targeting their firewall products. Cybersecurity firm Sekoia reported vulnerabilities within Zyxel’s systems, prompting an immediate response to mitigate the threat.
📣 The Issue
The primary vulnerability, CVE-2024-11667, is a directory traversal flaw within the web management interface of Zyxel ZLD firewall firmware (versions 5.00–5.38). Exploiting this vulnerability allows attackers to:
- Download or upload unauthorized files via specially crafted URLs.
- Potentially compromise the security of affected devices, risking data breaches and system integrity.
📣 Zyxel’s Response
Zyxel swiftly addressed the issue by releasing firmware version 5.39 on September 3, 2024, which includes critical security enhancements to block exploit attempts.
- Users running firmware 5.39 or later are protected from this specific threat.
- Zyxel strongly recommends changing all passwords associated with their firewall products to prevent unauthorized access.
📣 Why Enforce 2FA?
Imagine investing significant time and resources to fine-tune your firewall policies, ensuring optimal protection for your network, only to have a vulnerability exploited—granting an attacker full control of your firewall.
This nightmare scenario is preventable. Enforcing 2FA for administrative logins provides a crucial layer of defense. Even if an attacker obtains your credentials, the second layer of authentication serves as a formidable barrier, blocking unauthorized login attempts.
📣 How to Enable 2FA for Administrative
For Nebula Firewalls
Follow our step-by-step guide: Enable 2FA in Nebula Firewalls
For On-Premise Firewalls
Learn how to secure your system with Google Authenticator: Enable 2FA with Google Authenticator
📣 Take Action Now
Enabling 2FA is a simple step to ensure your network’s security. Prioritize this essential safeguard today to ensure administrative accounts are fully protected. Let’s work together to avoid threats and secure your systems.
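The checks recommended in this post can be run across a device inventory. The following is an added example, not Zyxel code: it flags firewalls whose firmware falls in the affected 5.00–5.38 range, and devices where admin 2FA or the password change is still outstanding. The inventory field names, device names and the `V5.38(ABCD.0)` firmware string shape are assumptions made for illustration.

```python
import re

# Affected range as stated in this post; 5.39 and later carry the fix.
AFFECTED_MIN, AFFECTED_MAX = (5, 0), (5, 38)

# Assumed firmware string shape, e.g. "V5.38(ABCD.0)"; only major.minor is used.
_VERSION_RE = re.compile(r"^\s*V?(\d+)\.(\d+)")

def parse_version(firmware):
    """Return (major, minor) as integers, or None when the string cannot be parsed."""
    m = _VERSION_RE.match(firmware or "")
    return (int(m.group(1)), int(m.group(2))) if m else None

def audit_device(dev):
    """Return the list of findings for one inventory record."""
    findings = []
    version = parse_version(dev.get("firmware"))
    if version is None:
        # Never treat an unparseable version as safe.
        findings.append("firmware version unreadable: verify manually")
    elif AFFECTED_MIN <= version <= AFFECTED_MAX:
        findings.append("firmware in affected range 5.00-5.38: upgrade to 5.39 or later")
    if not dev.get("admin_2fa"):
        findings.append("2FA not enabled for administrative logins")
    if not dev.get("passwords_changed"):
        findings.append("passwords not changed since the advisory")
    return findings

def audit_fleet(inventory):
    """Map device name -> findings, listing only devices that need action."""
    report = {}
    for dev in inventory:
        findings = audit_device(dev)
        if findings:
            report[dev["name"]] = findings
    return report

# Constructed sample inventory (hypothetical names, model codes and field names).
SAMPLE_INVENTORY = [
    {"name": "branch-fw-01", "firmware": "V5.38(ABCD.0)", "admin_2fa": False, "passwords_changed": False},
    {"name": "hq-fw-01", "firmware": "V5.39(ABCD.0)", "admin_2fa": True, "passwords_changed": True},
    {"name": "lab-fw-01", "firmware": "V5.40(ABCD.1)", "admin_2fa": False, "passwords_changed": True},
    {"name": "old-fw-01", "firmware": "V4.73(ABCD.2)", "admin_2fa": True, "passwords_changed": True},
    {"name": "dc-fw-02", "firmware": "unknown", "admin_2fa": True, "passwords_changed": True},
]

if __name__ == "__main__":
    for name, findings in audit_fleet(SAMPLE_INVENTORY).items():
        for finding in findings:
            print(f"{name}: {finding}")
```

A patched device can still appear in the report: being on 5.39 or later clears only the firmware finding, not the 2FA or password findings.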
Comments
-
I uploaded a suggestion about this already. In the last dialog, when entering the 2FA code, ENTER does not work to send the code. Just a mouse click works. Funny enough, in the previous menu, when entering username and password, ENTER works. Now imagine doing that a few times a day or even a week: reading the code and, within a few seconds, having to grab the mouse again to click 'Verify' before the code is a new one.
Login: ENTER and a mouse click on the button both work.
Verify: ENTER does not work, only a mouse click on the button works.
You could support your customers by enabling them to work smart, not stress around "where's the mouse again in 3 2 1 too late" for security and safety procedures.
0 -
Time travellers?
CVE-2024-11667: Key Details and Mitigation
Published: November, 2025