100,000 Zyxel Devices Vulnerable to Backdoor
Healthcare Info Security
A firmware vulnerability in about 100,000 Zyxel products, including VPN gateways, access point controllers and firewalls, can be used to install a hardcoded backdoor that could give threat actors remote administrative privileges, according to the Dutch security firm Eye Control.
The flaw is tracked as CVE-2020-29583.
Zyxel, which has already posted patches for the vulnerability in some of its products, is urging its customers to immediately apply them. In an advisory, however, the company notes that a fix for its NXC access point controller series products would not be released until April.