There’s currently no evidence that Zyxel devices are vulnerable to the VPNFilter malware. However, we urge all users to upgrade their devices to the latest available firmware for optimal protection.
What’s the vulnerability?
According to a disclosure by Cisco Talos, a piece of malware called VPNFilter is targeting networking devices by exploiting either their default credentials or known vulnerabilities. After a successful initial attack, an affected device downloads malicious codes onto its system remotely from the command and control (C&C) server.
What products are vulnerable?
There’s currently no evidence suggesting that Zyxel products are vulnerable to VPNFilter, and we haven’t received any report – from a customer, researcher, or other party – of the vulnerability affecting any Zyxel device.
What should you do?
Got a question or a tipoff?
Please contact your local service rep for further information or assistance. If you’ve found a vulnerability, we want to work with you to fix it – contact firstname.lastname@example.org and we’ll get right back to you.
Initial release 2018-05-25