cve-2021-44228 log4j RCE - are Zyxel USG or ATP products vulnerable?
Options
ChipConnJohn
Posts: 44 
Freshman Member
Freshman Member
in Security
Hi all,
I'm not seeing any information on whether these devices are vulnerable. Anyone see a release from Zyxel?
I'm not seeing any information on whether these devices are vulnerable. Anyone see a release from Zyxel?
0
All Replies
-
Also looking for some information to secure our network.
We don't have much facing the internet. Only our firewall, so i would like to know if it's vulnerable.
If not, that would be great ofcourse. But a some information would be nice
0 -
As Log4j is a Java application, and I can't imagine there is a Java virtual machine included in these embedded boxes, I don't think they are affected.
0 -
Hi @OTADMIN
Thank you for sharing this information with us. We had aware this vulnerability announcement and we're now studying on it. We will put our findings on the Zyxel security advisories and update to you once we finished the researching.0 -
It would be great if those advisories had dates listed. Should we just look at the top of the list in case anything about log4shell is added?0
-
DLDR; NOT affectedsee the SA:
0 -
Hi, what does "ZLD" Firmware mean?0
-
For USG firewalls (our device is USG110) ZLD means the normal firmware, current is v4.70 (AAPH.0)
0 -
Thank you very much.
0
Guru Member
Zyxel Employee
Ally Member
Master Member
Categories
- All Categories
- 384 Beta Program
- 2.1K Nebula
- 116 Nebula Ideas
- 80 Nebula Status and Incidents
- 5.1K Security
- 74 USG FLEX H Series
- 247 Security Ideas
- 1.3K Switch
- 70 Switch Ideas
- 907 WirelessLAN
- 34 WLAN Ideas
- 5.9K Consumer Product
- 210 Service & License
- 334 News and Release
- 71 Security Advisories
- 21 Education Center
- 5 [Campaign] Zyxel Network Detective
- 1.9K FAQ
- 886 Nebula FAQ
- 415 Security FAQ
- 228 Switch FAQ
- 198 WirelessLAN FAQ
- 46 Consumer Product FAQ
- 137 Service & License FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 73 About Community
- 63 Security Highlight
