Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cisaCISACISA:0E2BA3A0792F36BF363969FD144B70FD
HistoryJan 08, 2021 - 12:00 a.m.

MS-ISAC Releases Cybersecurity Advisory on Zyxel Firewalls and AP Controllers

2021-01-0800:00:00
us-cert.cisa.gov
28

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

JSON

The Multi-State Information Sharing and Analysis Center (MS-ISAC) has released an advisory on a vulnerability in Zyxel firewalls and AP controllers. A remote attacker could exploit this vulnerability to take control of an affected system.

CISA encourages users and administrators to review the MS-ISAC Advisory 2021-001 and Zyxel Security Advisory for CVE-2020-29583 and apply the necessary updates and mitigation recommendations.

This product is provided subject to this Notification and this Privacy & Use policy.

Please share your thoughts.

We recently updated our anonymous product survey; we’d welcome your feedback.

Related

thn 2
prion 1
threatpost 1
nessus 1
attackerkb 1
cve 1
cisa_kev 1
nuclei 1
githubexploit 1
rapid7blog 1
ics 1
thn
thn
Secret Backdoor Account Found in Several Zyxel Firewall, VPN Products
2021-01-01 13:49:00
Watch Out! Zyxel Firewalls and VPNs Under Active Cyberattack
2021-06-25 10:37:00
prion
prion
Default credentials
2020-12-22 22:15:00
threatpost
threatpost
Cybercriminals Ramp Up Exploits Against Serious Zyxel Flaw
2021-01-06 16:40:26
nessus
nessus
Zyxel USG Hardcoded Default Password (CVE-2020-29583)
2023-03-15 00:00:00
attackerkb
attackerkb
CVE-2020-29583 Zyxel USG Hard-Coded Admin Creds
2020-12-22 00:00:00
cve
cve
CVE-2020-29583
2020-12-22 22:15:00
cisa_kev
cisa_kev
Zyxel Multiple Products Use of Hard-Coded Credentials Vulnerability
2021-11-03 00:00:00
nuclei
nuclei
ZyXel USG - Hardcoded Credentials
2023-05-25 18:18:57
githubexploit
githubexploit
Exploit for Cleartext Storage of Sensitive Information in Zyxel Usg20-Vpn Firmware
2021-01-04 00:56:55
rapid7blog
rapid7blog
Metasploit Wrap-Up
2021-01-22 19:21:10
ics
ics
People’s Republic of China State-Sponsored Cyber Actors Exploit Network Providers and Devices
2022-06-10 12:00:00

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

JSON
Related for CISA:0E2BA3A0792F36BF363969FD144B70FD
thn2prion1threatpost1nessus1attackerkb1cve1cisa_kev1nuclei1githubexploit1rapid7blog1ics1