Zywall USG FLEX Series & ATP Series - V5.42Patch 1 Firmware Release
Zyxel Employee
Zywall USG FLEX Series & ATP Series Release Note
February 2026
Firmware Version on all models
(Click the hyperlink to find the firmware file directly)
| FLEX Series | Download link | ATP Series | Download link |
| FLEX50/USG20-VPN | V5.42(ABAQ.1)C0 | ATP100 | V5.42(ABPS.1)C0 |
| FLEX50W/USG20W-VPN | V5.42(ABAR.1)C0 | ATP100W | V5.42(ABRW.1)C0 |
| FLEX50AX | V5.42(ACGB.1)C0 | ATP200 | V5.42(ABFW.1)C0 |
| FLEX100 | V5.42(ABUH.1)C0 | ATP500 | - |
| FLEX100W | V5.42(ABWC.1)C0 | ATP700 | - |
| FLEX100AX | V5.42(ACFN.1)C0 | ATP800 | - |
| FLEX200 | V5.42(ABUI.1)C0 | ||
| FLEX500 | - | ||
| FLEX700 | - |
Note: ATP500, ATP700, ATP800, USG FLEX 500, and USG FLEX 700 are excluded for V5.42 patch 1. This exclusion is due to an issue identified during internal validation, where upgrading to ZLD 5.42 Patch 1 may fail when the device is operating in an HA configuration. Once this issue is clarified and resolved, we will proceed to release the patch after the Lunar New Year holiday.
Anyone who needs the vulnerability fix for ATP500, ATP700, ATP800, USG FLEX 500, and USG FLEX 700 without HA configuration, please download the hotfix here [Vulnerability Hotfix] CVE-2025-11730 Path Traversal Vulnerability — Zyxel Community.
New Feature and Enhancements
N/A
Bug Fix
| Bug fix | S | C |
| [Bug Fix] eITS#260200247, 260200387, 260200388, 260200391
a. Fix: Unexpected device reboot. | V | - |
Please refer to the Download Link for more details.
Comments
-
Does this release include the DNS problem fix that in 542ABUI0ITS-26WK06-r117894.zip ?
V5.42 DNS is broken with FQDN objects — Zyxel Community
Thanks
0 -
Update:
This firmware fixes the unexpected device reboot, which in most cases is caused by an abnormal FQDN object query.
Zyxel Melen0 -
-
Update:
Note: ATP500, ATP700, ATP800, USG FLEX 500, and USG FLEX 700 are excluded for V5.42 patch 1. This exclusion is due to an issue identified during internal validation, where upgrading to ZLD 5.42 Patch 1 may fail when the device is operating in an HA configuration. Once this issue is clarified and resolved, we will proceed to release the patch after the Lunar New Year holiday.
Anyone who needs the vulnerability fix for ATP500, ATP700, ATP800, USG FLEX 500, and USG FLEX 700 without HA configuration, please download the hotfix here [Vulnerability Hotfix] CVE-2025-11730 Path Traversal Vulnerability — Zyxel Community.
Zyxel Melen0 -
All dates and timings are Central European Time
Since Tuesday 10 7:00 a USG20W-VPN is working fine.
Since Wednesday 10 07:30 a USG20-VPN is working fine.
I updated roughly 1h ago a USG Flex 100, next one will be updated Saturday morning.And the 5.42 P0 botch has confirmed that automatic update is not the best idea for my scenarios, because current scheduling options are only weekly (and not after a configurable delay from the new version availability).
0
Guru Member
Categories
- All Categories
- 442 Beta Program
- 2.9K Nebula
- 217 Nebula Ideas
- 127 Nebula Status and Incidents
- 6.5K Security
- 580 USG FLEX H Series
- 344 Security Ideas
- 1.7K Switch
- 84 Switch Ideas
- 1.4K Wireless
- 52 Wireless Ideas
- 7K Consumer Product
- 297 Service & License
- 476 News and Release
- 91 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 4.8K FAQ
- 34 Documents
- 87 About Community
- 102 Security Highlight