In a warning to its customers today, Zyxel has notified them of a vulnerability that poses a risk for RCE attacks. The issue affects three models of the company’s network-attached storage products.
The cybersecurity analysts at Zyxel have tracked the vulnerability as “CVE-2022-34747.” Through the use of a crafted UDP packet, a malicious attacker could be able to achieve RCE without the user’s knowledge.
On June 2022, this vulnerability was discovered by the security expert Shaposhnikov Ilya. Therefore, over the course of the next few months, Zyxel progressively released security updates for the affected models under the affected model number.
A series of Zyxel products are affected by this flaw, including:-
In recent years, hackers have become increasingly adept at hacking NAS devices. A hacker can steal your sensitive and personal information if you do not take precautions or keep your software up-to-date in order to protect yourself.
Not only that, data can even be permanently deleted in some instances if they are extremely persistent and deploy ransomware as well. While the latest firmware update for Zyxel devices can be downloaded by visiting Zyxel’s official download portal.
There have been multiple vulnerabilities identified across multiple products by Zyxel and they have been addressed through security updates released in May 2022.
All of these scenarios are threatening, but ransomware is the most common and the most dangerous among them. It is clear that ransomware is the best method for threat actors to monetize their success if it is successfully exploited.
Secure Azure AD Conditional Access – Download Free White Paper
The Lotus Blossom hacker group, also known as Spring Dragon, Billbug, or Thrip, has been…
A newly identified malware, dubbed "Squidoor," has emerged as a sophisticated threat targeting government, defense,…
Cyber adversaries have evolved into highly organized and professional entities, mirroring the operational efficiency of…
In Q3 2024, Cofense Intelligence uncovered a targeted spear-phishing campaign aimed at employees working in…
The DragonForce ransomware group has launched a significant cyberattack on critical infrastructure in Saudi Arabia,…
In a concerning development, cybersecurity researchers at Trellix have uncovered a sophisticated malware campaign that…