PCI compliance scan fails on USG Flex 50 on 5.39 firmware

electsystech Posts: 47  Freshman Member

I updated the USG Flex 50 to the latest 5.39 firmware but still get a scan failure. It's using port 5445 as the alternative web GUI port, and the port needs to be opened for User Auth port forwarding. What can be done to address this issue?

Accepted Solution

  • Zyxel_Kay Posts: 1,200  Zyxel Employee
    edited October 30 Answer ✓

    Hi @electsystech

    The firmware V5.39 has addressed all known security vulnerabilities. Could you let us know the scanning software you’re using and confirm that the scan detected port 5445 on the firewall itself, rather than on a server accessed via port forwarding?

    Typically, PCI scans include a detailed report with specific recommendations for any issues found. If possible, could you share the full report with us? If there are any privacy concerns, feel free to send it to us via private message for further review.

    Kay


All Replies


  • electsystech Posts: 47  Freshman Member

    The PCI company submitted it as a false flag.
