Please see Security Advisories for the week ending January 1, 2021
- Zyxel releases firmware update for hardcoded credential vulnerability
- Google Revealed Improperly Patched Windows Zero-Day Vulnerability
________________________________
Zyxel releases firmware update for hardcoded credential vulnerability
Situation
Over 100,000 Zyxel firewalls, VPN gateways, and access point controllers are vulnerable due to a secret hardcoded administrative backdoor account used to update the devices' firmware.
Problem
This vulnerability is due to a hardcoded credential for an admin-level account used to deliver automatic firmware updates.
Implication
An attacker who successfully exploits this vulnerability can gain access to the vulnerable device(s) and pivot to internal networks for additional attacks.
Need
Zyxel has released new firmware, ZLD V4.60 Patch 1, to remove the hardcoded credential. Zyxel strongly recommends updating to the newest firmware to protect against this vulnerability. Additional information can be found at the link below.
For a more detailed overview:
https://www.zyxel.com/support/CVE-2020-29583.shtml
________________________________
Google Revealed Improperly Patched Windows Zero-Day Vulnerability
Situation
Google security analysts have found that CVE-2020-17008 was improperly patched. The vulnerability is in the Windows print spooler API. Windows 10, 8.1, Server 2012, Server 2016, and Server 2019 are affected.
Problem
The vulnerability lies in splwow64.exe. The attacker would need to log on to the system to abuse the vulnerability.
Implication
An attacker can manipulate the memory of splwow64.exe and gain elevated privileges.
Need
Microsoft plans to patch this issue on the January 2021 Patch Tuesday. Microsoft recommends applying the patch as soon as possible after release.