Zyxel Firewall devices vulnerable to remote code execution attacks

Zyxel has announced that it found a critical security vulnerability in its firewall devices that could allow hackers remotely execute code on affected devices.

“Improper error message handling in some firewall versions could allow an unauthenticated attacker to execute some OS commands remotely by sending crafted packets to an affected device,” Zyxel said in an advisory.

The networking company has already released the patch and is calling for users to ensure their systems are updated.

The vulnerability has been given a 9.8 rating by The Common Vulnerability Scoring System (CVSS) and was first discovered by researchers from TRAPA security.

Products that need to be patched include:

• ATP (versions ZLD V4.60 to V5.35, patched in ZLD V5.36)

• USG FLEX (versions ZLD V4.60 to V5.35, patched in ZLD V5.36)

• VPN (versions ZLD V4.60 to V5.35, patched in ZLD V5.36)

• ZyWALL/USG (versions ZLD V4.60 to V4.73, patched in ZLD V4.73 Patch 1)

The company has also patched a high-severity post-authentication command injection vulnerability affecting select firewall versions and could be used to remotely execute some OS commands.

Zyxel has also released patches for five high-severity flaws and one medium-severity bug that were reported by Nikita Abramov from Russian cybersecurity company, Positive Technologies.

The flaws were found to affect several firewalls and access point (AP) devices and could be exploited to perform remote code execution and cause a denial-of-service (DoS) attack.