Zyxel networking device users are being urged to update their firewalls and VPNs due to active exploitation of a vulnerability (CVE-2023-28771) that enables remote code execution. The flaw affects Zyxel’s ATP, USG Flex, VPN, and ZyWall/USG products and allows attackers to execute OS commands remotely. The vulnerability is being widely exploited to compromise devices and potentially enlist them in Mirai-based botnets for DDoS attacks. The US Cybersecurity and Infrastructure Security Agency (CISA) has added the CVE to its Known Exploited Vulnerabilities Catalog, requiring federal agencies to patch it by June 21. Additionally, Zyxel published advisories for two other vulnerabilities (CVE-2023-33009 and CVE-2023-33010) that allow attackers to cause a DoS condition or execute arbitrary code on affected devices.
Read more: https://www.infosecurity-magazine.com/news/zyxel-customers-urged-patch/