In a warning to its customers today, Zyxel has notified them of a vulnerability that poses a risk for RCE attacks. The issue affects three models of the company’s network-attached storage products.
The cybersecurity analysts at Zyxel have tracked the vulnerability as “CVE-2022-34747.” Through the use of a crafted UDP packet, a malicious attacker could be able to achieve RCE without the user’s knowledge.
On June 2022, this vulnerability was discovered by the security expert Shaposhnikov Ilya. Therefore, over the course of the next few months, Zyxel progressively released security updates for the affected models under the affected model number.
A series of Zyxel products are affected by this flaw, including:-
In recent years, hackers have become increasingly adept at hacking NAS devices. A hacker can steal your sensitive and personal information if you do not take precautions or keep your software up-to-date in order to protect yourself.
Not only that, data can even be permanently deleted in some instances if they are extremely persistent and deploy ransomware as well. While the latest firmware update for Zyxel devices can be downloaded by visiting Zyxel’s official download portal.
There have been multiple vulnerabilities identified across multiple products by Zyxel and they have been addressed through security updates released in May 2022.
All of these scenarios are threatening, but ransomware is the most common and the most dangerous among them. It is clear that ransomware is the best method for threat actors to monetize their success if it is successfully exploited.
Secure Azure AD Conditional Access – Download Free White Paper
The Cybersecurity and Infrastructure Security Agency (CISA) has extended funding to the MITRE Corporation, ensuring…
New vulnerabilities in Windows Task Scheduler's schtasks.exe let attackers bypass UAC, alter metadata, modify event…
A critical vulnerability in Microsoft Windows, identified as CVE-2025-24054, has been actively exploited in the…
Attackers have been deploying server-side phishing schemes to compromise employee and member login portals across…
CloudSEK's Security Research team, a sophisticated cyberattack leveraging malicious online PDF converters has been demonstrated…
The Interlock ransomware intrusion set has escalated its operations across North America and Europe with…
