Zyxel Releases Critical Patch for RCE Vulnerability in Multiple Network Devices
Zyxel addresses a critical UPnP flaw (CVE-2024-29973) enabling remote code execution across multiple device models. Immediate patching advised.
Zyxel Addresses Critical Remote Code Execution Flaw in Network Devices
Zyxel has released security updates to patch a critical vulnerability in multiple device models that could allow attackers to execute arbitrary code remotely. The flaw, tracked as CVE-2024-29973, affects the Universal Plug and Play (UPnP) functionality in several Zyxel products.
Technical Details
The vulnerability resides in the UPnP implementation of affected Zyxel devices, which could be exploited by unauthenticated attackers to execute malicious code without user interaction. While specific technical details remain undisclosed, the flaw is classified as critical due to its potential for remote code execution (RCE) with high impact on confidentiality, integrity, and availability.
Zyxel has not disclosed the exact list of vulnerable models, but the advisory suggests that multiple firewall, VPN, and access point devices are impacted. Security professionals should review Zyxel’s official security bulletin for a complete list of affected firmware versions.
Impact Analysis
Successful exploitation of CVE-2024-29973 could allow threat actors to:
- Gain unauthorized access to corporate or home networks
- Deploy malware or ransomware on connected systems
- Exfiltrate sensitive data
- Establish persistence for further attacks
Given the widespread use of Zyxel devices in enterprise and SMB environments, this vulnerability poses a significant risk, particularly for organizations with exposed UPnP services.
Recommendations
Zyxel has released firmware updates to mitigate the flaw. Security teams are advised to:
- Immediately apply the latest patches for all affected Zyxel devices.
- Disable UPnP if not required for business operations, as it is a common attack vector.
- Monitor network traffic for unusual activity, particularly on ports associated with UPnP (e.g., TCP 1900, UDP 1900).
- Review Zyxel’s security advisory (SecurityWeek) for model-specific guidance.
Organizations should prioritize patching internet-facing devices to prevent exploitation by opportunistic attackers.
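The monitoring step above can be turned into a concrete check. The following Python script is an added example, not code from Zyxel or from this advisory: it scans firewall flow records for traffic that reaches the UPnP ports the article names (UDP 1900 and TCP 1900) from outside the organisation's own address ranges, which is the condition that makes a device a candidate for CVE-2024-29973 exploitation from the internet. The key=value log layout, the sample records, the `INTERNAL_NETS` list and the function names are all assumptions chosen for the example; adapt them to the export format of your own gateway or SIEM.

```python
import ipaddress
import re
from collections import Counter

# Ports the article associates with UPnP traffic (SSDP discovery on 1900).
UPNP_PORTS = {("udp", 1900), ("tcp", 1900)}

# Address ranges treated as "inside" the organisation. Assumption: the
# analyst adjusts this list to their own environment; RFC 1918 plus
# loopback and link-local is the starting point used here.
INTERNAL_NETS = [
    ipaddress.ip_network(n)
    for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
              "127.0.0.0/8", "169.254.0.0/16")
]

# Constructed sample flow-log lines in a simple key=value layout (not real
# captures). The 198.51.100.0/24 and 203.0.113.0/24 documentation ranges
# stand in for the gateway's public interface and for outside hosts.
SAMPLE_LOG = """\
ts=2024-06-20T10:15:02Z src=192.168.1.20 dst=239.255.255.250 proto=udp dport=1900 action=allow
ts=2024-06-20T10:15:09Z src=203.0.113.45 dst=198.51.100.7 proto=udp dport=1900 action=allow
ts=2024-06-20T10:15:11Z src=203.0.113.45 dst=198.51.100.7 proto=tcp dport=443 action=allow
ts=2024-06-20T10:16:30Z src=198.51.100.200 dst=198.51.100.7 proto=tcp dport=1900 action=allow
this line is not a flow record
ts=2024-06-20T10:17:01Z src=10.0.0.5 dst=10.0.0.1 proto=udp dport=1900 action=allow
"""

KV_RE = re.compile(r"(\w+)=(\S+)")
REQUIRED = ("ts", "src", "dst", "proto", "dport")


def parse_line(line):
    """Turn one key=value flow record into a dict, or None if malformed."""
    fields = dict(KV_RE.findall(line))
    if any(k not in fields for k in REQUIRED):
        return None
    try:
        return {
            "ts": fields["ts"],
            "src": str(ipaddress.ip_address(fields["src"])),
            "dst": str(ipaddress.ip_address(fields["dst"])),
            "proto": fields["proto"].lower(),
            "dport": int(fields["dport"]),
        }
    except ValueError:
        return None


def is_internal(ip):
    """True if the address falls inside one of the configured internal ranges."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in INTERNAL_NETS)


def find_upnp_exposure(lines):
    """Return flow records where a source outside INTERNAL_NETS reaches a UPnP port.

    Internal-to-internal SSDP chatter (multicast discovery on the LAN) is
    normal and is left alone; traffic from outside the internal ranges to a
    UPnP port is the signal that a device exposes UPnP towards the internet.
    """
    findings = []
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        if (rec["proto"], rec["dport"]) not in UPNP_PORTS:
            continue
        if not is_internal(rec["src"]):
            findings.append(rec)
    return findings


def exposed_hosts(lines):
    """Count flagged flows per destination: which devices are reached on UPnP ports from outside."""
    return dict(Counter(f["dst"] for f in find_upnp_exposure(lines)))


if __name__ == "__main__":
    records = SAMPLE_LOG.splitlines()
    for rec in find_upnp_exposure(records):
        print(f"{rec['ts']} external {rec['src']} -> {rec['dst']} {rec['proto']}/{rec['dport']}")
    print("devices reached on UPnP ports from outside:", exposed_hosts(records))
```

Run against the constructed sample, the script reports two flows (one UDP, one TCP) from outside addresses to the gateway's public interface on port 1900 and leaves the LAN multicast discovery and the unrelated HTTPS flow alone. A destination that shows up in `exposed_hosts` is a device to patch first and, where the service is not needed, to take UPnP off altogether; a private-only `is_internal` test is used rather than Python's `is_global`, because the standard library classifies the documentation ranges used in the sample as non-global and would otherwise hide them.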