Threat Actors Claiming of 0-Day Vulnerability in Zyxel VPN Device

Threat actors have claimed to have discovered a 0-day vulnerability in Zyxel VPN devices.

This revelation was made public through a tweet by the cybersecurity monitoring group MonThreat, which has been closely tracking and reporting on various cyber threats.

🚨 Alleged 0-Day Vulnerability in Zyxel VPN

A threat actor has announced the sale of the 0day exploit on a #Zyxel (legacy) VPN device that the manufacturer no longer supports. The device has over 2,500 IPs listed on fofa info, although it is allegedly deprecated, according to… pic.twitter.com/9kg2GvclBq

— ThreatMon (@MonThreat) April 30, 2024

As the attackers claim, the vulnerability could potentially allow unauthorized access to private networks, compromising the security of sensitive data and operations.

Is Your Network Under Attack? - Read CISO’s Guide to Avoiding the Next Breach - Download Free Guide

Zyxel VPN devices are widely used across various sectors, including government, finance, and healthcare, making this vulnerability particularly alarming.

Implications for Security

The discovery of a 0-day vulnerability—so named because the software vendor is not yet aware ofit—poses an immediate risk.

Integrate ANY.RUN in Your Company for Effective Malware Analysis

Are you from SOC, Threat Research, or DFIR departments? If so, you can join an online community of 400,000 independent security researchers:

• Real-time Detection
• Interactive Malware Analysis
• Easy to Learn by New Security Team members
• Get detailed reports with maximum data
• Set Up Virtual Machine in Linux & all Windows OS Versions
• Interact with Malware Safely

If you want to test all these features now with completely free access to the sandbox:

Try ANY.RUN for FREE

It provides a window of opportunity for cybercriminals to exploit the flaw before a patch can be developed and deployed.

Organizations using Zyxel VPN devices are advised to stay vigilant, monitor their networks for any unusual activity, and apply security best practices.

As of now, Zyxel has not publicly confirmed the vulnerability nor provided any guidance on mitigating potential risks.

The cybersecurity community is eagerly awaiting a response from Zyxel and hopes for a swift resolution to this critical security issue.

This incident serves as a stark reminder of the constant vigilance required in the digital age, where the security landscape is continually evolving.

Organizations must keep their software and hardware updated and pay close attention to advisories from credible cybersecurity sources like MonThreat.

Combat Sophisticated Email Threats With AI-Powered Email Security Tool -> Try Free Demo