Subj : Zyxel NAS devices hit by critical security threat, so patch now
To   : All
From : TechnologyDaily
Date : Thu Jun 06 2024 18:00:05

Zyxel NAS devices hit by critical security threat, so patch now

Date: Thu, 06 Jun 2024 16:47:57 +0000

Description: Five vulnerabilities discovered in two NAS devices, three of which were given the most critical severity.

FULL STORY
======================================================================

Zyxel has patched three high-severity flaws plaguing some of its NAS devices.

In a security advisory, Zyxel said it released patches for CVE-2024-29972, CVE-2024-29973, and CVE-2024-29974, three flaws with severity scores of 9.8/10 (critical), and urged users to apply them immediately.

The vulnerabilities, discovered in March 2024, affect the NAS326 (running version V5.21(AAZF.16)C0 and earlier) and the NAS542 (running versions V5.21(ABAG.13)C0 and earlier).

Proof of concept

CVE-2024-29972 is a backdoor account in the Zyxel firmware, called "NsaRescueAngel". This is a remote support account with root privileges that Zyxel supposedly removed four years ago, but obviously didn't.

CVE-2024-29973 is a Python code injection flaw that Zyxel created while patching a separate vulnerability last year (CVE-2023-27992), while CVE-2024-29974 is a remote code execution (RCE) flaw granting potential attackers persistence on the compromised devices.

Besides the three flaws, the researchers found two additional ones, CVE-2024-29975 and CVE-2024-29976. However, these are moderately severe, with scores of 6.7 and 6.5, respectively. Both are described as privilege escalation flaws.

It is also worth mentioning that these two Zyxel devices reached end-of-life status on December 31, 2023, and Zyxel still decided to patch them for the organizations with extended warranty.
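For anyone who has to find these boxes in an asset inventory, the affected-version ceilings quoted above (NAS326 at V5.21(AAZF.16)C0 and earlier, NAS542 at V5.21(ABAG.13)C0 and earlier) are easy to get wrong by eyeballing, because the build number sits inside the parentheses. The following is an added example, not code from the article or from Zyxel: it parses the V<major>.<minor>(<branch>.<build>)C<revision> pattern those two strings follow and flags any device at or below the listed version. It assumes the build number inside the parentheses increases monotonically within a branch, and that the branch letters (AAZF, ABAG) are tied to the model; the article does not state the fixed firmware version, so the check reports "listed version or earlier" rather than "below the fix". The inventory rows are constructed sample data.

```python
import re
from typing import NamedTuple, Optional

# Highest affected firmware per model, as quoted in the article.
# The patched version is not given on the page, so only "<= this" is flagged.
AFFECTED_MAX = {
    "NAS326": "V5.21(AAZF.16)C0",
    "NAS542": "V5.21(ABAG.13)C0",
}

# Assumed layout of Zyxel NAS version strings: V<major>.<minor>(<branch>.<build>)C<revision>
_VERSION_RE = re.compile(r"^V(\d+)\.(\d+)\(([A-Z]+)\.(\d+)\)C(\d+)$")


class ZyxelVersion(NamedTuple):
    major: int
    minor: int
    branch: str
    build: int
    revision: int

    def key(self):
        # Ordering key; the branch code is compared separately because it is
        # a product line identifier, not a number (assumption).
        return (self.major, self.minor, self.build, self.revision)


def parse_version(text: str) -> ZyxelVersion:
    """Parse a string such as 'V5.21(AAZF.16)C0' into its components."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised Zyxel version string: {text!r}")
    major, minor, branch, build, rev = m.groups()
    return ZyxelVersion(int(major), int(minor), branch, int(build), int(rev))


def is_affected(model: str, version: str) -> Optional[bool]:
    """True if the firmware is at or below the listed affected version,
    False if it is newer, None if the model is not one of the two listed."""
    ceiling = AFFECTED_MAX.get(model.strip().upper())
    if ceiling is None:
        return None
    have = parse_version(version)
    limit = parse_version(ceiling)
    if have.branch != limit.branch:
        # Inventory data that disagrees with itself (e.g. NAS326 reporting an
        # ABAG build) should be investigated, not silently compared.
        raise ValueError(f"{model}: branch {have.branch} does not match {limit.branch}")
    return have.key() <= limit.key()


# Constructed sample inventory; hostnames are placeholders, not real devices.
INVENTORY = [
    {"host": "nas-a.example.test", "model": "NAS326", "version": "V5.21(AAZF.16)C0"},
    {"host": "nas-b.example.test", "model": "NAS542", "version": "V5.21(ABAG.14)C0"},
    {"host": "nas-c.example.test", "model": "NAS542", "version": "V5.21(ABAG.11)C0"},
    {"host": "nas-d.example.test", "model": "NAS540", "version": "V5.21(AATB.10)C0"},
]


def triage(rows):
    """Return the sorted hostnames whose model/version falls in the affected range."""
    needs_patch = []
    for row in rows:
        if is_affected(row["model"], row["version"]):
            needs_patch.append(row["host"])
    return sorted(needs_patch)


if __name__ == "__main__":
    for host in triage(INVENTORY):
        print(f"{host}: affected firmware, apply Zyxel patch or isolate")
```

Because both models are past end-of-life, a device that comes back as "not affected" is still a candidate for retirement or network isolation; the check only tells you which units are exposed to the three critical CVEs right now.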
"Due to the critical severity of vulnerabilities CVE-2024-29972, CVE-2024-29973, and CVE-2024-29974, Zyxel has made patches available to customers with extended support despite the products already having reached end-of-vulnerability-support," the advisory added.

The vulnerabilities were found by Timothy Hjort, a security research intern at Outpost24, The Register reported. Besides the discovery, Hjort also included a proof of concept (PoC) that demonstrated how the vulnerabilities could be exploited.

At press time, there were no reports or evidence of in-the-wild abuse. However, since the devices are past EoL, and with the methodology widely available, it is probably just a matter of time.

More from TechRadar Pro

Zyxel says multiple NAS devices suffering from cybersecurity flaws
Here's a list of the best firewalls around today
These are the best endpoint security tools right now

======================================================================

Link to news story: https://www.techradar.com/pro/security/zyxel-nas-devices-hit-by-critical-security-threat-so-patch-now

--- Mystic BBS v1.12 A47 (Linux/64)
 * Origin: tqwNet Technology News (1337:1/100)