CISA KEV Information
| Vulnerability Name | Zyxel Multiple Products Use of Hard-Coded Credentials Vulnerability |
|---|---|
| Description | Zyxel firewalls (ATP, USG, VM) and AP Controllers (NXC2500 and NXC5500) contain a use of hard-coded credentials vulnerability in an undocumented account ("zyfwp") with an unchangeable password. |
| Required Action | Apply updates per vendor instructions. |
| Known Ransomware Campaign Use | Unknown |
| CWE | CWE-522 |
| Date Added (KEV) | 2021-11-03 |
| Due Date | 2022-05-03 |
| Additional Notes | https://nvd.nist.gov/vuln/detail/CVE-2020-29583 |
NVD Details
CVSS v3.1: 9.8 CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS v2.0: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Description: Firmware version 4.60 of Zyxel USG devices contains an undocumented account (zyfwp) with an unchangeable password. The password for this account can be found in cleartext in the firmware. This account can be used by someone to login to the ssh server or web interface with admin privileges.
CWE: CWE-522
References
- http://ftp.zyxel.com/USG40/firmware/USG40_4.60%28AALA.1%29C0_2.pdf [Broken Link]
- https://businessforum.zyxel.com/discussion/5252/zld-v4-60-revoke-and-wk48-firmware-release [Release Notes]
- https://businessforum.zyxel.com/discussion/5254/whats-new-for-zld4-60-patch-1-available-on-dec-15 [Release Notes]
- https://www.eyecontrol.nl/blog/undocumented-user-account-in-zyxel-products.html [Broken Link, Third Party Advisory]
- https://www.secpod.com/blog/a-secret-zyxel-firewall-and-ap-controllers-could-allow-for-administrative-access-cve-2020-29583/ [Exploit, Third Party Advisory]
- https://www.zyxel.com/support/CVE-2020-29583.shtml [Vendor Advisory]
- https://www.zyxel.com/support/security_advisories.shtml [Vendor Advisory]
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-29583 [US Government Resource]
This product uses the NVD API but is not endorsed or certified by the NVD.