Zyxel security advisory for hardcoded credential vulnerability CVE-2020-29583

CVE: CVE-2020-29583

Updated: 1/7 - 3pm CET


Summary

Zyxel has released a patch for the hardcoded credential vulnerability of firewalls and AP controllers recently reported by researchers from Eye Control Netherlands. Users are advised to install the applicable firmware updates (4.60 Patch 1) for optimal protection.


What is the vulnerability?

A hardcoded credential vulnerability was identified in the “zyfwp” user account in some Zyxel firewalls and AP controllers. The account was designed to deliver automatic firmware updates to connected access points through FTP.


What versions are vulnerable—and what should you do?

After a thorough investigation, we have identified the vulnerable products that are within their warranty and support period and are releasing firmware patches to address the issue, as shown in the table below. For optimal protection, we urge users to install the applicable updates.

Note that ATP, USG, ZyWALL, USG FLEX and VPN firewalls running firmware versions earlier than 4.60 Patch 0 or 4.60 Patch 1, and the VPN series running SD-OS, are NOT affected.


Check out our FAQ section for the most common questions about this security advisory:

FAQ: Enhanced Information for CVE-2020-29583 - Zyxel security advisory for hardcoded credential vulnerability


The following links can help you to upgrade your firmware version:

How to upgrade Firmware on your device?

How to upgrade Firmware, if I use Support Code Version or get ITS Error?

How to upgrade Firmware in Device HA Mode?

How to upgrade Firmware, if my Firmware version is very old?


If you recently received a bugfix from Zyxel Support, you can also use our latest Weekly version (WK48 or WK50), which is not affected by this vulnerability:

Weekly Firmware / Support Version / Lab Version

Release Notes for Weekly Support Version


Changes in 4.60 Patch 1 compared to 4.60 Patch 0:

1. [ENHANCEMENT] Enhanced HA Pro reliability.
2. [BUG FIX][CVE-2020-29583]
   a. Vulnerability fix for undocumented user account.
3. [BUG FIX] eITS#201000455
   a. Fixed Port Zone Assignment issue.
4. [BUG FIX] eITS#201100284, 201100639, 201100647
   a. Fixed GUI display issue when editing interfaces.
5. [BUG FIX] eITS#201100338
   a. Mouseover popup information adjustment.
6. [BUG FIX] eITS#201100416, 201100564
   a. Stability improvement.
7. [BUG FIX] eITS#201100511, 201100661, 201100730, 201101210, 201101248
   a. Fixed the issue that DNS packets could not pass through the VPN tunnel.

Download the full Release Notes document for 4.60 Patch 1, including the Patch 0 Release Notes


Product          Affected               Patch Download
ATP100           Yes, 4.60 Patch 0      Download 4.60 Patch 1
ATP100W          Yes, 4.60 Patch 0      Download 4.60 Patch 1
ATP200           Yes, 4.60 Patch 0      Download 4.60 Patch 1
ATP500           Yes, 4.60 Patch 0      Download 4.60 Patch 1
ATP700           Yes, 4.60 Patch 0      Download 4.60 Patch 1
ATP800           Yes, 4.60 Patch 0      Download 4.60 Patch 1
USG Flex 100     Yes, 4.60 Patch 0      Download 4.60 Patch 1
USG Flex 100W    Yes, 4.60 Patch 0      Download 4.60 Patch 1
USG Flex 200     Yes, 4.60 Patch 0      Download 4.60 Patch 1
USG Flex 500     Yes, 4.60 Patch 0      Download 4.60 Patch 1
USG Flex 700     Yes, 4.60 Patch 0      Download 4.60 Patch 1
USG20-VPN*       Yes, 4.60 Patch 0      Download 4.60 Patch 1
USG20W-VPN*      Yes, 4.60 Patch 0      Download 4.60 Patch 1
USG40            Yes, 4.60 Patch 0      Download 4.60 Patch 1
USG40W           Yes, 4.60 Patch 0      Download 4.60 Patch 1
USG60            Yes, 4.60 Patch 0      Download 4.60 Patch 1
USG60W           Yes, 4.60 Patch 0      Download 4.60 Patch 1
USG110           Yes, 4.60 Patch 0      Download 4.60 Patch 1
USG210           Yes, 4.60 Patch 0      Download 4.60 Patch 1
USG310           Yes, 4.60 Patch 0      Download 4.60 Patch 1
USG1100          Yes, 4.60 Patch 0      Download 4.60 Patch 1
USG1900          Yes, 4.60 Patch 0      Download 4.60 Patch 1
USG2200/VPN      Yes, 4.60 Patch 0      Download 4.60 Patch 1
VPN50            Yes, 4.60 Patch 0      Download 4.60 Patch 1
VPN100           Yes, 4.60 Patch 0      Download 4.60 Patch 1
VPN300           Yes, 4.60 Patch 0      Download 4.60 Patch 1
VPN1000          Yes, 4.60 Patch 0      Download 4.60 Patch 1
ZyWALL110        Yes, 4.60 Patch 0      Download 4.60 Patch 1
ZyWALL310        Yes, 4.60 Patch 0      Download 4.60 Patch 1
ZyWALL1100       Yes, 4.60 Patch 0      Download 4.60 Patch 1
NXC2500          Yes, 6.10 Patch 0      Download 6.10 Patch 1
NXC5500          Yes, 6.10 Patch 0      Download 6.10 Patch 1
UAG2100          Not affected           /
UAG4100          Not affected           /
UAG5100          Not affected           /
NWA3160N         Not affected           /

*USG20/W-VPN is also affected, even though this device does not have the AP controller feature. The issue affects every 4.60 Patch 0 version.
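As an added example (not Zyxel's own code or tooling), the small Python helper below encodes the affected/patched matrix from the table and the notes above so that a firmware inventory can be triaged offline: 4.60 Patch 0 on the firewall families (USG20-VPN included, per the footnote) and 6.10 Patch 0 on NXC are affected, Patch 1 and the WK48/WK50 weekly builds are patched, and pre-4.60 firewalls, SD-OS VPN units and the UAG/NWA models are out of scope. The "4.60 Patch N" version-string format, the product-name-to-family mapping and the sample inventory are assumptions made for this example.

```python
import re
from typing import Optional

# Affected base release, affected patch level and fixing patch level per family,
# taken from the advisory table. Mapping keys are constructed for this example.
AFFECTED = {
    "firewall": ((4, 60), 0, 1),   # ATP, USG, USG Flex, VPN, ZyWALL
    "nxc":      ((6, 10), 0, 1),   # NXC2500 / NXC5500 AP controllers
}
SAFE_WEEKLY = {"WK48", "WK50"}     # weekly support builds the advisory lists as safe
VERSION_RE = re.compile(r"^(\d+)\.(\d+)\s+PATCH\s+(\d+)$")  # assumed "4.60 Patch 0" form


def family(product: str) -> Optional[str]:
    """Map a product name as written in the advisory table to its firmware family."""
    p = product.upper().replace(" ", "")
    if p.startswith("NXC"):
        return "nxc"
    if p.startswith(("ATP", "USG", "VPN", "ZYWALL")):
        return "firewall"          # covers USG20-VPN/USG20W-VPN (affected per footnote)
    return None                    # UAG2100/4100/5100, NWA3160N: not affected


def status(product: str, version: str) -> str:
    """Return 'affected', 'patched', 'not_affected' or 'unknown' for one device."""
    fam = family(product)
    v = version.strip().upper()
    if fam is None:
        return "not_affected"
    if fam == "firewall" and v.startswith("SD-OS"):
        return "not_affected"      # VPN series running SD-OS is stated as not affected
    if v.startswith("WK"):
        return "patched" if v in SAFE_WEEKLY else "unknown"
    m = VERSION_RE.match(v)
    if not m:
        raise ValueError(f"unrecognised firmware version: {version!r}")
    base, patch = (int(m[1]), int(m[2])), int(m[3])
    aff_base, aff_patch, fixed_patch = AFFECTED[fam]
    if base == aff_base:
        if patch == aff_patch:
            return "affected"
        return "patched" if patch >= fixed_patch else "unknown"
    # The advisory only says firewalls on releases before 4.60 are unaffected; it
    # makes no statement about older NXC trains or later releases, so report unknown.
    if fam == "firewall" and base < aff_base:
        return "not_affected"
    return "unknown"


def triage(inventory):
    """Return (product, version, status) triples for (product, version) pairs."""
    return [(p, ver, status(p, ver)) for p, ver in inventory]
```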

If you have more questions or encounter any issues during the firmware upgrade, feel free to contact our support team: How to contact Support Team?
