This newsletter is brought to you by Airlock Digital, Rumble Network Discovery, Proofpoint, and Thinkst Canary. You can subscribe to an audio version of this newsletter as a podcast by searching for "Risky Business News" in your podcatcher or subscribing via this RSS feed.

Threat actors are exploiting a vulnerability in Zyxel enterprise firewall and VPN devices to gain access to (still) unpatched systems and install web shells for future intrusions.

The attacks started days after security firm Rapid7 published details and a Metasploit module for CVE-2022-30525, an unauthenticated command injection vulnerability in some of Zyxel's top-of-the-line enterprise products. Affected devices include the ATP and USG FLEX firewall series and Zyxel's enterprise VPN line.

It took only two days after the Rapid7 report for attacks to be detected, according to researchers from Shadowserver Foundation, who spotted the first attacks over the weekend.

With only two days of notice, it is very likely that most of the 20,000 internet-connected Zyxel devices vulnerable to this bug are still unpatched and open to attacks. The vulnerability has a CVSSv3 severity score of 9.8/10, and network administrators are advised to update their equipment as soon as possible, as these types of devices have often been on the menu for cybercrime groups.