Your browser either does not support JavaScript or you have turned JavaScript off.

Security Advisories

We care about your network security. It’s our highest priority, and it’s what drives us to deliver the timely, useful advice on emerging vulnerabilities that you’ll find below. But there are also a few practices that it’s good common sense to follow at all times:

  • Change the default password as soon as you log in to a new device for the first time
  • Use strong, unique passwords for every device and change them regularly
  • Ensure your devices are running the latest available firmware
  • Don't enable remote access unless it's absolutely necessary

Got a tipoff?

If you’ve found a vulnerability, we want to work with you to fix it.
Contact security@zyxel.com.tw and we’ll get back to you.

Advisories

Zyxel security advisory for reflected cross-site scripting vulnerability of ZyWALL/USG devices


Zyxel security advisory for CVE-2018-9149


Zyxel security advisory for Denial of Service on P-660HW v3


Zyxel security advisory for Meltdown and Spectre attacks


Zyxel security advisory for the recent botnet attacks targeting PK5001Z


Zyxel security advisory for the key management vulnerabilities of WPA2 protocol


Zyxel security advisory for dnsmasq vulnerabilities


Guard against Petya ransomware


Google Drive Backup ZyWALL USG Series Firmware Upgrade Service Q&A


Zyxel statement to vulnerability CVE-2017-3216


Guard against WannaCry ransomware


Zyxel statement to the recent WordPress attacks


Zyxel statement regarding unauthenticated remote command execution vulnerability


Zyxel advisory: password change recommendations to maximize protection


Zyxel statement for the TR-064 protocol implementation in CPEs


Zyxel advisory for the BlackNurse attack


Zyxel Brute force attacks? Zyxel to tighten protection on routers and CPE


Zyxel Advisory for Vulnerability CVE-2015-7547


Zyxel to Fix SSH Private Key and Certificate Vulnerability


Zyxel to Issue Fix for CERT VU#870744 Vulnerabilities


Zyxel to Issue Fix for LTE3301-Q222 Software Bug


Zyxel Not Affected by “RSA-CRT Key Leaks”


Zyxel Product Support for Microsoft Windows 10


Google Drive Function Now Restored and Available on Zyxel Network Storage Products


Avoid CSRF Pharming Vulnerability and MOOSE Malware


Zyxel to Release Patch for KCodes NetUSB Vulnerability


Google Drive Backup Function Temporarily Unavailable on Zyxel Network Storage Products


Zyxel USG/ZyWALL Series Not Affected by “FREAK”


Guard Against “GHOST” Vulnerability


Guard Against “Misfortune Cookie” Vulnerability


Protect Your Network from the SSL v3.0 “POODLE” Vulnerability


Shellshock!? Is it an Issue for Zyxel Products?


About WPS Attack by Brute Force


End User License Agreement


Zyxel Windows 8 Support