
Warning – Zyxel patches critical format string vulnerability affecting 3 NAS models

Reference: 
Advisory #2022-024
Version: 
1.0
Affected software: 
NAS326 V5.21(AAZF.11)C0 and earlier
NAS540 V5.21(AATB.8)C0 and earlier
NAS542 V5.21(ABAG.8)C0 and earlier
Type: 
Format String Vulnerability
CVE/CVSS: 

CVE-2022-34747

Sources

Risks

An attacker could exploit CVE-2022-34747 to achieve unauthorized remote code execution (RCE) via a crafted UDP packet. NAS devices are an attractive target for ransomware attackers, both as an initial access vector and because the backups stored on the NAS device can be encrypted. Encrypted backups make it harder to recover from a ransomware attack, which forces the victim to pay the ransom.

Description

On the 6th of September, networking vendor Zyxel released a security advisory warning users of a critical format string vulnerability found in three Zyxel NAS models:

  • NAS326 V5.21(AAZF.11)C0 and earlier
  • NAS540 V5.21(AATB.8)C0 and earlier
  • NAS542 V5.21(ABAG.8)C0 and earlier

Recommended actions

The Centre for Cyber Security Belgium (CCB) recommends that administrators of Zyxel NAS appliances patch vulnerable Zyxel NAS devices.
The CCB strongly recommends not exposing NAS appliances to the internet; NAS devices should be placed behind a firewall.
References

https://www.securityweek.com/zyxel-patches-critical-vulnerability-nas-firmware