Zyxel Backdoor Found: Update Your Device Immediately
Posted: January 5, 2021 to Cybersecurity.
Critical Threat Discovered
A hardcoded, admin-level backdoor vulnerability (CVE-2020-29583) has been found in over 1000,000 Zyxel firewalls, VPN gateways, and access point controllers. Discovered by Eye Control researchers, these backdoor accounts can allow bad actors to access your information either via the web administration panel or the SSH interface This flaw is so vulnerable, in fact, that it is cited as one of the worst types of vulnerabilities for software or applications to even exist, and it is IMPERATIVE that you update your devices ASAP as it could be easy exploited by an opportunistic hacker or group. This vulnerability was found in several of Zyxel's best selling products, including:- Advanced Threat Protection (ATP) series (firewall):
- Unified Security Gateway (USG) series (hybrid firewall/VPN gateway)
- USG FLEX series (hybrid firewall/VPN gateway)
- VPN series (VPN gateway)
- NXC series (WLAN access point controller)
Backdoor Anatomy
You know, it's bad when a company experiences a breach but... It's even worse when they fail to learn from their mistakes. Back in 2016, CVE-2016-10401 was discovered. CVE-2016-10401 was a flaw in their devices contained a secret backdoor mechanism that allowed any user to elevate any account to "root level" simply by using the super-user (SU) password "zyad5001." Shockingly easy, but CVE-2020-29583 is actually worse. CVE-2016-10401 at least required hackers to first gain access to a low-privileged account on a Zyxel device (that they would then have to elevate to root); CVE-2020-29583, on the other hand, does not require attackers to utilize any special conditions in order to take over... Meaning you don't have to be a skilled hacker to exploit this vulnerability. Additionally, the 2016 vulnerability only impacted personal, at home routers; the 2020 vulnerability has impacted a variety of devices, some of which are made for corporate settings, giving attackers a wider range of targets.Conclusion
As we have mentioned on numerous occasions, one vital step in any cyber hygiene regimen is to UPDATE YOUR SOFTWARE ASAP. It's also one of the easiest steps to take. If you would like to learn more about layering your cyber security to protect your home or business, feel free to download our FREE Remote Security Checklist. While this guide is a good starting point, if you run a business, this will not fully protect you. If you have additional questions, feel free to give us a call at 919-422-2607 or you can schedule a free consultation online. And remember... Stay safe out there!Protect Your Business Today
Petronella Technology Group has provided cybersecurity, compliance, and managed IT services from Raleigh, NC for over 23 years. Contact us today for a free consultation and technology assessment.
Need help implementing these strategies?
Our cybersecurity experts can assess your environment and build a tailored plan.
Get Free Assessment
![NIST CSF 2.0: What Changed, Why It Matters, and How to Update Your Cybersecurity Program [Video + Guide]](https://petronellatech.com/inc/modules/Blog/images/icons/1309.webp){kind=icon}
![Incident Response Planning: Build a Cyber Incident Response Plan That Actually Works in 2026 [Video + Guide]](https://petronellatech.com/inc/modules/Blog/images/icons/1312.webp){kind=icon}
![Email Security for Business: Stop Phishing, BEC, and Email-Based Attacks Before They Cost You Millions [Video + Guide]](https://petronellatech.com/inc/modules/Blog/images/icons/1314.webp){kind=icon}
![Network Segmentation Guide: How to Contain Breaches and Protect Critical Systems with Proper Network Design [Video + Guide]](https://petronellatech.com/inc/modules/Blog/images/icons/1315.webp){kind=icon}
