Zyxel Firewalls and AP Controllers Contain a Credential Vulnerability
CVE-2020-29583 (CVSS 7.8)
Sources
Official Manufacturer: https://www.zyxel.com/support/CVE-2020-29583.shtml
NVD: https://nvd.nist.gov/vuln/detail/CVE-2020-29583
Risks
Firewall products are used to protect internal network infrastructure. An adversary could use this credential vulnerability, found in the firmware, to gain remote administrative access to the device via its SSH server or the web interface. Administrative access could then be used to create additional users and VPN connections to gain access to the network(s) protected by the firewall.
Description
A specific version of Zyxel firewall and AP controller firmware contains a credential vulnerability. The user account (zyfwp) is undocumented and its password resides in clear text within the firmware. The account was designed to deliver automatic firmware updates to connected access points through FTP.
Recommended Actions
* CERT.be recommends upgrading Zyxel firewall firmware to version “ZLD V4.60 Patch1”.
* CERT.be recommends using Two-Factor Authentication (2FA) protection for admin and VPN connections configured on these devices.
* CERT.be recommends upgrading Zyxel AP controller firmware to version “V6.10 Patch1” as soon as the patch from the manufacturer becomes available (08 Jan 2021).
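To check exported firewall or syslog-server logs for use of the zyfwp account, the following added example (not part of the original advisory and not Zyxel tooling) counts events naming the account by source address and outcome. The log line layout, the `src=`/`from` markers and the outcome keywords are assumptions; adapt them to the format your devices emit.

```python
import re
from collections import Counter

ACCOUNT = "zyfwp"  # undocumented account named in the advisory
# Match the account as a whole token so "zyfwp2" or "myzyfwp" do not trigger.
ACCOUNT_RE = re.compile(r"(?<![\w-])" + re.escape(ACCOUNT) + r"(?![\w-])")
# Assumed source-address markers ("src=" or "from"); adapt to your log format.
SRC_RE = re.compile(r"(?:src=\"?|from )(\d{1,3}(?:\.\d{1,3}){3})")
# Assumed outcome wording. Failure is tested first so a line such as
# "login denied" is never counted as a success.
FAILURE_RE = re.compile(r"fail|denied|invalid", re.IGNORECASE)
SUCCESS_RE = re.compile(r"accepted|logged in|success", re.IGNORECASE)

def classify(line):
    if FAILURE_RE.search(line):
        return "failure"
    if SUCCESS_RE.search(line):
        return "success"
    return "mention"

def hunt(lines):
    """Count events naming the account, keyed by (source, outcome)."""
    hits = Counter()
    for line in lines:
        if not ACCOUNT_RE.search(line):
            continue
        src = SRC_RE.search(line)
        hits[(src.group(1) if src else "unknown", classify(line))] += 1
    return hits

def successful_sources(hits):
    """Sources with at least one successful login: triage these first."""
    return sorted({src for (src, outcome), n in hits.items() if outcome == "success"})

# Constructed sample lines (documentation address ranges), not real device logs.
SAMPLE = [
    'Jan  2 03:11:09 fw sshd[811]: Failed password for zyfwp from 203.0.113.7 port 50122',
    'Jan  2 03:11:14 fw sshd[811]: Accepted password for zyfwp from 203.0.113.7 port 50122',
    'Jan  2 03:12:40 fw web: src="198.51.100.23" user="zyfwp" msg="login denied"',
    'Jan  2 03:13:02 fw sshd[902]: Accepted password for admin from 192.0.2.10 port 40001',
    'Jan  2 03:14:55 fw sshd[915]: Accepted password for zyfwp2 from 192.0.2.44 port 40100',
    'Jan  2 03:15:30 fw cfg: account zyfwp present in user list',
]

if __name__ == "__main__":
    for key, n in sorted(hunt(SAMPLE).items()):
        print(*key, n)
```

Any successful login for this account warrants review of the device's user list and VPN configuration, since the advisory notes that administrative access could be used to add both.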
References
Manufacturer:
- https://www.zyxel.com/support/CVE-2020-29583.shtml
- https://businessforum.zyxel.com/discussion/5254/whats-new-for-zld4-60-pa...

Mitre:
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29583

NVD:
- https://nvd.nist.gov/vuln/detail/CVE-2020-29583

Other:
- https://businessforum.zyxel.com/discussion/5252/zld-v4-60-revoke-%20and-...
- https://www.cisecurity.org/advisory/a-vulnerability-in-zyxel-firewall-an...
- https://cisomag.eccouncil.org/over-100000-zyxel-devices-vulnerable-to-se...