April 5, 2022

Zyxel Patches a Critical Firewall Authentication Bypass Vulnerability

Zyxel has released a security advisory addressing a critical authentication bypass vulnerability affecting several firewall models.

The Vulnerability

• CVE-2022-0342 (CVSS 3.1: 9.8, Critical) – An authentication bypass vulnerability which could allow an attacker to bypass the web authentication and obtain administrative access of the device.

Vulnerable Products

The following Zyxel firewall series are affected:

• ‘USG/ZyWALL’ – Firmware versions ZLD V4.20 through V4.70.
  • Fixed in ZLD V4.71.
• ‘USG FLEX’ – Firmware versions ZLD V4.50 through V5.20.
  • Fixed in ZLD V5.21 Patch 1.
• ‘ATP’ – ZLD V4.32 through V5.20.
  • Fixed in ZLD V5.21 Patch 1.
• ‘VPN’ – ZLD V.4.30 through V5.20.
  • Fixed in ZLD V5.21.
• ‘NSG’ – V1.20 through V1.33 Patch 4.
  • Fixed in Hotfix V1.33p4_WK11 (contact Zyxel for file).

Mitigation

CYREBRO urges all clients to implement relevant patches to affected products.

References: Zyxel Advisory