Over 1 lakh Zyxel firewalls, VPN gateways at hacking risk, says report
Jan 2, 2021, 11:19 IST
New Delhi, Dutch cybersecurity researchers have discovered backdoor account in over 1 lakh networking devices manufactured by Taiwan-based company Zyxel, that can grant hackers access to those vulnerable devices and put data at risk.
The backdoor account, discovered by a team of Dutch security researchers from Eye Control, is considered as bad as it gets in terms of vulnerabilities, ZDNet reported on Saturday.
"Affected models include many of Zyxel's top products from its line of business-grade devices, usually deployed across private enterprise and government networks," the report mentioned.
More than 1 lakh Zyxel firewalls, VPN gateways and access point controllers were reported to have been compromised by the hardcoded admin-level backdoor account.
Zyxel has issued a security patch "for the hardcoded credential vulnerability of firewalls and AP controllers recently reported by researchers from Eye Control Netherlands".
Users are advised to install the applicable firmware updates for optimal protection, the company said in an update.
State-sponsored hackers and ransomware groupd can abuse this backdoor account to access vulnerable devices.
"Affected models include many of Zyxel's top products from its line of business-grade devices, usually deployed across private enterprise and government networks," the report mentioned on Friday.
SEE ALSO:
INTERVIEW: Kia Motors’ 2021 plan includes 11 electric vehicle launches — but India may have to wait longer
India’s edtech in charts – How the shift to online learning meant money, valuation and users for the likes of BYJU’S, Unacademy, and others
Jio announces free domestic voice calls from January 1
Advertisement
The backdoor account, discovered by a team of Dutch security researchers from Eye Control, is considered as bad as it gets in terms of vulnerabilities, ZDNet reported on Saturday.
"Affected models include many of Zyxel's top products from its line of business-grade devices, usually deployed across private enterprise and government networks," the report mentioned.
More than 1 lakh Zyxel firewalls, VPN gateways and access point controllers were reported to have been compromised by the hardcoded admin-level backdoor account.
Zyxel has issued a security patch "for the hardcoded credential vulnerability of firewalls and AP controllers recently reported by researchers from Eye Control Netherlands".
Advertisement
State-sponsored hackers and ransomware groupd can abuse this backdoor account to access vulnerable devices.
"Affected models include many of Zyxel's top products from its line of business-grade devices, usually deployed across private enterprise and government networks," the report mentioned on Friday.
SEE ALSO:
INTERVIEW: Kia Motors’ 2021 plan includes 11 electric vehicle launches — but India may have to wait longer
India’s edtech in charts – How the shift to online learning meant money, valuation and users for the likes of BYJU’S, Unacademy, and others
Jio announces free domestic voice calls from January 1