cve-2021-44228 log4j RCE - are Zyxel USG or ATP products vulnerable?
ChipConnJohn
Posts: 44 
Freshman Member
Freshman Member
in Security
Hi all,
I'm not seeing any information on whether these devices are vulnerable. Anyone see a release from Zyxel?
I'm not seeing any information on whether these devices are vulnerable. Anyone see a release from Zyxel?
0
All Replies
-
Also looking for some information to secure our network.
We don't have much facing the internet. Only our firewall, so i would like to know if it's vulnerable.
If not, that would be great ofcourse. But a some information would be nice
0 -
As Log4j is a Java application, and I can't imagine there is a Java virtual machine included in these embedded boxes, I don't think they are affected.
0 -
Hi @OTADMIN
Thank you for sharing this information with us. We had aware this vulnerability announcement and we're now studying on it. We will put our findings on the Zyxel security advisories and update to you once we finished the researching.0 -
It would be great if those advisories had dates listed. Should we just look at the top of the list in case anything about log4shell is added?0
-
DLDR; NOT affectedsee the SA:
0 -
Hi, what does "ZLD" Firmware mean?0
-
For USG firewalls (our device is USG110) ZLD means the normal firmware, current is v4.70 (AAPH.0)
0 -
Thank you very much.
0
Guru Member
Zyxel Employee
Ally Member
Master Member
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 144 Nebula Ideas
- 94 Nebula Status and Incidents
- 5.6K Security
- 237 USG FLEX H Series
- 267 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.3K Consumer Product
- 247 Service & License
- 384 News and Release
- 83 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.2K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 71 Security Highlight
