New Zyxel Zero-Day Under Attack, No Patch Available

Summary: GreyNoise reports active exploitation of a critical zero-day vulnerability (CVE-2024-40891) in Zyxel CPE devices that allows attackers to achieve full system compromise through Telnet. With no patches available from Zyxel, over 1,500 devices are exposed to exploitation. GreyNoise urges immediate defensive measures, including restricting Telnet access and monitoring network logs.

Affected: Zyxel CPE devices

Key points:

  • Critical command injection vulnerability allows full system compromise.
  • Similar to CVE-2024-40890, but exploited over Telnet rather than HTTP.
  • GreyNoise recommends restricting Telnet access and monitoring traffic because no patches are available.
  • This follows a trend of Zyxel vulnerabilities being targeted in previous attacks, including by ransomware groups.
  • Administrators should apply any forthcoming patches and cease use of end-of-life Zyxel devices.

Source: https://www.securityweek.com/new-zyxel-zero-day-under-attack-no-patch-available/