Communications of the ACM

Home/News/Hackers Exploit Backdoor Built Into Zyxel Devices/Full Text

ACM TechNews

Hackers Exploit Backdoor Built Into Zyxel Devices

By Ars Technica
January 6, 2021
Comments

View as: Print Mobile App Share:

A Zyxel USG40 Unified Security Gateway. — Hackers are trying to exploit a backdoor built into some Zyxel device models used as VPNs, firewalls, and wireless access points by thousands of individuals and businesses.

Credit: Zyxel

Niels Teusink, a researcher at Netherlands-based security firm Eye Control, found that hackers are attempting to exploit a backdoor built into several Zyxel device models used as VPNs, firewalls, and wireless access points by thousands of individuals and businesses.

This backdoor is an undocumented user account with full administrative rights that is hardcoded into the device’s firmware, which can be accessed over SSH or through a Web interface.

Said Teusink, "An attacker could completely compromise the confidentiality, integrity and availability of the device.”

A fix already is available for firewall models and will be available Jan. 8 for AP controllers.

From Ars Technica
View Full Article

No entries found

Hackers Exploit Backdoor Built Into Zyxel Devices

New Error Correction Trick could Make Quantum Computers 200 Times Smaller

Virtual and the Future of Conferences

The Colossus