Vulnerability discovered in Zyxel network devices

A few days ago, the discovery of a serious security vulnerability was disclosed in firewalls, virtual private network gateways and access point controllers made by Zyxel Communications Corp.

According to the report, security researchers from the Dutch security company Eye Control documented the issue last month and said the vulnerability affects more than 100,000 devices made by the company.

The vulnerability means the devices contain a hard-coded administrative backdoor that can give attackers root access to devices over SSH or the web administration panel.

Given the hard-coded username and password, criminals can gain access to networks that use Zyxel devices.

"Someone could, for example, change firewall settings to allow or block certain traffic," said Eye Control researcher Niels Teusink. "They could also intercept traffic or create VPN accounts to gain access to the network behind the device."

The vulnerability is present in Zyxel's ATP, USG, USG Flex, VPN and NXC series devices.

Although it is not a household name, Zyxel is a Taiwan-based company that makes networking devices used mainly by small and medium-sized businesses.

In fact, the company has a notable list of firsts: it was the first company in the world to design an analog/digital ISDN modem, the first with an ADSL2+ gateway, and the first to offer a portable firewall the size of the palm of a hand, among other achievements.

However, this is not the first time a vulnerability has been found in Zyxel devices. A study by the Fraunhofer Institute for Communication in July named Zyxel, along with AsusTek Computer Inc., Netgear Inc., D-Link Corp., Linksys, TP-Link Technologies Co. Ltd. and AVM Computersysteme Vertriebs GmbH, as having a range of security issues.

According to Zyxel representatives, the backdoor was not the result of malicious activity by outside attackers, but a regular feature used to download firmware updates automatically over FTP.

It should be noted that the predefined password was not encrypted, and the Eye Control security researchers noticed it while examining the text strings found in the firmware image.

In the user database, the password was stored as a hash and the additional account was excluded from the user list, but one of the executable files contained the password in clear text. Zyxel was informed of the problem at the end of November and partially fixed it.

Zyxel's ATP (Advanced Threat Protection), USG (Unified Security Gateway), USG FLEX and VPN firewalls, as well as the NXC2500 and NXC5500 access point controllers, are affected.

Zyxel has addressed the vulnerability, formally named CVE-2020-29583, in an advisory and has released a patch to fix the issue. In the notice, the company noted that the hard-coded user account "zyfwp" was designed to deliver automatic firmware updates to connected access points over FTP.

For firewalls, the issue is fixed in firmware update V4.60 Patch1 (the default password reportedly appeared only in firmware V4.60 Patch0, and older firmware versions are not affected by this problem, but older firmware has other vulnerabilities through which devices can be attacked).

For access points, the fix will be included in the V6.10 Patch1 update scheduled for April 2021. All users of affected devices are advised to update the firmware immediately or to close access to the network ports at the firewall level.

The problem is aggravated by the fact that the VPN service and the device's web management interface accept connections on the same network port, 443, by default. As a result, many users left port 443 open to external requests and so, in addition to the VPN endpoint, also left the web interface login reachable.

According to preliminary estimates, more than 100 devices containing the identified backdoor are reachable on the network for connections over network port 443.

Users of affected Zyxel devices are advised to install the appropriate firmware updates to be properly protected.
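Alongside patching, a defender can check collected authentication logs for any use of the "zyfwp" account named in the advisory. The following is an added example, not code from the original article, Zyxel or Eye Control. It assumes OpenSSH-style log lines forwarded to a collector and treats RFC 1918 ranges as internal; the sample lines are constructed.

```python
import ipaddress
import re
from collections import defaultdict

BACKDOOR_USER = "zyfwp"  # account name from the Zyxel advisory quoted on this page
# Assumption: RFC 1918 ranges are "internal"; replace with your own management networks.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
# Assumption: OpenSSH-style auth lines; adapt the pattern to your device's log format.
AUTH_RE = re.compile(
    r"(?P<result>Accepted|Failed) password for (?:invalid user )?"
    r"(?P<user>\S+) from (?P<src>[0-9a-fA-F.:]+) port \d+"
)
SEVERITY_ORDER = {"critical": 0, "high": 1, "medium": 2, "low": 3}

# Constructed sample lines (documentation address ranges), not real device logs.
SAMPLE_LOG = """\
Jan  4 09:12:01 fw01 sshd[811]: Accepted password for admin from 192.168.1.10 port 50122 ssh2
Jan  4 09:15:44 fw01 sshd[822]: Failed password for zyfwp from 203.0.113.7 port 41810 ssh2
Jan  4 09:15:49 fw01 sshd[823]: Accepted password for zyfwp from 203.0.113.7 port 41822 ssh2
Jan  4 09:20:13 fw01 sshd[830]: Failed password for invalid user zyfwp from 198.51.100.23 port 60001 ssh2
Jan  4 09:31:02 fw01 sshd[845]: Accepted password for zyfwp from 192.168.1.50 port 50300 ssh2
"""


def find_backdoor_logins(log_text, user=BACKDOOR_USER):
    """Group authentication events for `user` by source address, worst first."""
    hits = defaultdict(lambda: {"accepted": 0, "failed": 0})
    for line in log_text.splitlines():
        m = AUTH_RE.search(line)
        if not m or m.group("user") != user:
            continue
        try:
            src = ipaddress.ip_address(m.group("src"))
        except ValueError:
            continue  # malformed address field: skip the line instead of crashing
        hits[src][m.group("result").lower()] += 1
    report = []
    for src, counts in hits.items():
        external = not any(src in net for net in INTERNAL_NETS)
        if counts["accepted"]:  # a successful login with this account is an incident
            severity = "critical" if external else "high"
        else:  # failures only: someone is trying the account name
            severity = "medium" if external else "low"
        report.append({"src": str(src), "external": external, "severity": severity, **counts})
    return sorted(report, key=lambda r: (SEVERITY_ORDER[r["severity"]], r["src"]))

if __name__ == "__main__":
    for row in find_backdoor_logins(SAMPLE_LOG):
        print(row)
```

This covers SSH-style log lines only; logins through the web administration panel on port 443 need a pattern for that interface's own log format.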

Source: https://www.eyecontrol.nl

