Home > News > Top Stories > Major Security Flaws Observed Zyxel VPN

VPN

Major Security Flaws Observed Zyxel VPN

At least a hundred thousand Zyxel devices have been delivered with a hardcoded admin-level backdoor account - a security bargain of the most noteworthy seriousness. The vulnerability, later affirmed by the company itself, was first spotted by cybersecurity researchers from Eye Control.

According to their report, the hardcoded account can be utilized to gain root access to many of Zyxel's devices, some of which are utilized by ventures at the edge of their organizations. These incorporate firewalls, VPN gateways, and access point regulators.

According to Eye Control, the account had root access to the gadget because it was being utilized to install firmware updates to other interconnected Zyxel devices through FTP.

Whenever bargained, the affected devices could be utilized by criminals to launch DDoS attacks and ransomware operations, or as a venturing stone to facilitate more perplexing cyberattacks.

Zyxel has already given patches for the Advanced Threat Protection (ATP) arrangements, Unified Security Gateway (USG) arrangement, USG Flex, and VPN arrangement, with a patch for the WLAN access point regulator NXC arrangement coming in April.

Clients are advised to install the relevant patches, which eliminate the backdoor account.

About Zyxel

Focused on innovation and customer-centricity, Zyxel has been connecting people to the internet for nearly 30 years. We keep promoting creativity which meets the needs of customers. This spirit has never been changed since we developed the world’s first integrated 3-in-1 data/fax/voice modem in 1992. Our ability to adapt and innovate with networking technology places us at the forefront of understanding connectivity for telco/service providers, businesses and home users.

Spotlight

More featured news

Spotlight

Related News

Virtual Desktop Tools, Virtual Desktop Strategies

Leostream Enhances Security and Management of vSphere Hybrid Cloud Deployments

Business Wire | January 29, 2024

Leostream Corporation, the world's leading Remote Desktop Access Platform provider, today announced features to enhance security, management, and end-user productivity in vSphere-based hybrid cloud environments. The Leostream platform strengthens end-user computing (EUC) capabilities for vSphere users, including secure access to both on-premises and cloud environments, heterogeneous support, and reduced cloud costs. With the Leostream platform as the single pane of glass managing EUC environments, any hosted desktop environment, including individual virtual desktops, multi-user sessions, hosted physical workstations or desktops, and hosted applications, becomes simpler to manage, more secure, more flexible, and more cost-effective. Significant ways the Leostream platform expands vSphere’s capabilities include: Security The Leostream platform ensures data remains locked in the corporate network, and works across on-premises and cloud environments, providing even disparate infrastructures with the same levels of security and command over authorization, control, and access tracking. The Leostream platform supports multi-factor authentication and allows organizations to enforce strict access control rules, creating an EUC environment modeled on a zero-trust architecture. Multivendor/protocol support The Leostream platform was developed from the ground up for heterogeneous infrastructures and as the connection management layer of the EUC environment, the Leostream platform allows organizations to leverage vSphere today and other hypervisors or hyperconvergence platforms in the future as their needs evolve. The Leostream platform supports the industry’s broadest array of remote display protocols, including specialized protocols for mission-critical tasks. Consistent EUC experience The Leostream platform enables IT to make changes to the underlying environment while ensuring the end user experience is constant, and to incorporate AWS, Azure, Google Cloud, or OpenStack private clouds into their environment without disruptions in end-user productivity. By integrating with corporate Identity Providers (IdPs) that employees are already familiar with, and providing employees with a single portal they use to sign in, the Leostream platform offers simplicity to users too. Connectivity The Leostream Gateway securely connects to on-prem and cloud resources without virtual private networks (VPNs), and eliminates the need to manage and maintain security groups. End users get the same seamless login and high-performance connection across hybrid environments including corporate resources located off the internet. Controlling cloud costs The Leostream Connection Broker implements automated rules that control capacity and power state in the cloud, allowing organizations to optimize their cloud usage and minimize costs, such as ensuring cloud instances aren’t left running when they are no longer needed. The Connection Broker also intelligently pools and shares resources across groups of users, so organizations can invest in fewer systems, reducing overall cost of ownership. “These features deliver a streamlined experience with vSphere and hybrid or multi-cloud resources so end users remain productive, and corporate data and applications remain secure,” said Leostream CEO Karen Gondoly. “At a time when there is uncertainty about the future of support for VMware’s end-user computing, it’s important to bring these options to the market to show that organizations can extend vSphere’s capabilities and simultaneously plan for the future without disruption to the workforce.” About Leostream Corporation Leostream Corporation, the global leader in Remote Desktop Access Platforms, offers comprehensive solutions that enable seamless work-from-anywhere environments for individuals across diverse industries, regardless of organization size or location. The core of the Leostream platform is its commitment to simplicity and insight. It is driven by a unified administrative console that streamlines the management of users, cloud desktops, and IT assets while providing real-time dashboards for informed decision-making. The company continually monitors the evolving remote desktop landscape, anticipating future trends and challenges. This purposeful, proactive approach keeps clients well-prepared for the dynamic changes in remote desktop technology.

Read More

Virtual Desktop Tools, Virtual Desktop Strategies

Leostream Enhances Security and Management of vSphere Hybrid Cloud Deployments

Business Wire | January 29, 2024

Leostream Corporation, the world's leading Remote Desktop Access Platform provider, today announced features to enhance security, management, and end-user productivity in vSphere-based hybrid cloud environments. The Leostream platform strengthens end-user computing (EUC) capabilities for vSphere users, including secure access to both on-premises and cloud environments, heterogeneous support, and reduced cloud costs. With the Leostream platform as the single pane of glass managing EUC environments, any hosted desktop environment, including individual virtual desktops, multi-user sessions, hosted physical workstations or desktops, and hosted applications, becomes simpler to manage, more secure, more flexible, and more cost-effective. Significant ways the Leostream platform expands vSphere’s capabilities include: Security The Leostream platform ensures data remains locked in the corporate network, and works across on-premises and cloud environments, providing even disparate infrastructures with the same levels of security and command over authorization, control, and access tracking. The Leostream platform supports multi-factor authentication and allows organizations to enforce strict access control rules, creating an EUC environment modeled on a zero-trust architecture. Multivendor/protocol support The Leostream platform was developed from the ground up for heterogeneous infrastructures and as the connection management layer of the EUC environment, the Leostream platform allows organizations to leverage vSphere today and other hypervisors or hyperconvergence platforms in the future as their needs evolve. The Leostream platform supports the industry’s broadest array of remote display protocols, including specialized protocols for mission-critical tasks. Consistent EUC experience The Leostream platform enables IT to make changes to the underlying environment while ensuring the end user experience is constant, and to incorporate AWS, Azure, Google Cloud, or OpenStack private clouds into their environment without disruptions in end-user productivity. By integrating with corporate Identity Providers (IdPs) that employees are already familiar with, and providing employees with a single portal they use to sign in, the Leostream platform offers simplicity to users too. Connectivity The Leostream Gateway securely connects to on-prem and cloud resources without virtual private networks (VPNs), and eliminates the need to manage and maintain security groups. End users get the same seamless login and high-performance connection across hybrid environments including corporate resources located off the internet. Controlling cloud costs The Leostream Connection Broker implements automated rules that control capacity and power state in the cloud, allowing organizations to optimize their cloud usage and minimize costs, such as ensuring cloud instances aren’t left running when they are no longer needed. The Connection Broker also intelligently pools and shares resources across groups of users, so organizations can invest in fewer systems, reducing overall cost of ownership. “These features deliver a streamlined experience with vSphere and hybrid or multi-cloud resources so end users remain productive, and corporate data and applications remain secure,” said Leostream CEO Karen Gondoly. “At a time when there is uncertainty about the future of support for VMware’s end-user computing, it’s important to bring these options to the market to show that organizations can extend vSphere’s capabilities and simultaneously plan for the future without disruption to the workforce.” About Leostream Corporation Leostream Corporation, the global leader in Remote Desktop Access Platforms, offers comprehensive solutions that enable seamless work-from-anywhere environments for individuals across diverse industries, regardless of organization size or location. The core of the Leostream platform is its commitment to simplicity and insight. It is driven by a unified administrative console that streamlines the management of users, cloud desktops, and IT assets while providing real-time dashboards for informed decision-making. The company continually monitors the evolving remote desktop landscape, anticipating future trends and challenges. This purposeful, proactive approach keeps clients well-prepared for the dynamic changes in remote desktop technology.

Read More

More featured news