Critical Vulnerabilities in Zyxel Firewalls
Introduction
Recent findings have revealed critical vulnerabilities in Zyxel's USG FLEX H Series firewalls, which could potentially compromise entire systems. These vulnerabilities are primarily due to improper file handling and relaxed permissions, allowing unauthorized access and control over the systems.
Key Highlights
- Vulnerability Details:
  - Identified as CVE-2025-1731, these flaws allow unauthorized system control.
  - Misconfigured permissions and improper privilege management are at the core of the vulnerabilities.
- Exploitation Risks:
  - The lack of the sticky bit permission in the /tmp directory exacerbates the risks.
  - Researchers have demonstrated a proof-of-concept exploit illustrating potential local privilege escalation.
Insights & Analysis
Nature of Vulnerability
The vulnerabilities in Zyxel's USG FLEX H Series firewalls stem from misconfigured permissions and improper privilege management within the Linux-based operating system (uOS). A setuid root binary is misused, enabling local privilege escalation when executed with specific arguments.
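The two conditions named above and in the Key Highlights, a world-writable /tmp without the sticky bit and setuid-root binaries on the system, are both things an administrator can audit on any Linux host. The script below is an added example written for this summary; it is not Zyxel's code, it does not touch the proof-of-concept the article mentions, and it assumes only a POSIX shell with find(1). The directory and output paths are placeholders chosen for illustration.

```shell
#!/bin/sh
# Added example (not from the article or from Zyxel): audit the two
# conditions the article describes, a world-writable directory that lacks
# the sticky bit, and setuid binaries that a local user could invoke.
# Assumes a POSIX shell and a find(1) that understands -maxdepth, -perm
# and -xdev (GNU and BSD find both do).

# has_sticky_bit DIR
#   exit 0 if DIR exists and has the sticky bit (mode 1000) set, 1 otherwise.
#   The check uses find's -perm test so it does not depend on stat(1) output
#   format, which differs between GNU and BSD.
has_sticky_bit() {
    dir="$1"
    [ -d "$dir" ] || return 1
    [ -n "$(find "$dir" -maxdepth 0 -type d -perm -1000 2>/dev/null)" ]
}

# list_unsticky_world_writable ROOT
#   print every directory under ROOT (same filesystem) that is world-writable
#   but has no sticky bit, i.e. any user can delete or replace another user's
#   files there. A hardened /tmp must not appear in this list.
list_unsticky_world_writable() {
    find "$1" -xdev -type d -perm -0002 ! -perm -1000 2>/dev/null
}

# list_setuid_files ROOT
#   print regular files under ROOT with the setuid bit set. Review each one:
#   a setuid-root program that accepts attacker-influenced arguments or
#   reads from a world-writable path is exactly the pattern described above.
list_setuid_files() {
    find "$1" -xdev -type f -perm -4000 2>/dev/null
}

# check_tmp_hardening [DIR]
#   verdict for the temp directory (default /tmp): returns 0 when the sticky
#   bit is present, 1 with a remediation hint when it is missing.
check_tmp_hardening() {
    tmpdir="${1:-/tmp}"
    if has_sticky_bit "$tmpdir"; then
        echo "OK: $tmpdir has the sticky bit set"
        return 0
    fi
    echo "WARN: $tmpdir is missing the sticky bit; remediate with: chmod 1777 $tmpdir"
    return 1
}

# Usage when run directly (placeholder paths; adjust for the host):
#   check_tmp_hardening /tmp
#   list_unsticky_world_writable /
#   list_setuid_files /usr
```

Run the three checks from a privileged shell on the appliance or host you manage; anything printed by list_unsticky_world_writable is a candidate for chmod 1777, and each setuid file printed by list_setuid_files should be justified or have the bit removed. The script reports only; it changes nothing on its own.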
Company Response
Zyxel has acknowledged the vulnerabilities and released a firmware update (Version 1.32) to address the identified issues. However, there is a dispute over the assignment of separate CVE IDs for the vulnerabilities, with Zyxel opting to group them under CVE-2025-1731.
Impact
The vulnerabilities identified in Zyxel's USG FLEX H Series firewalls underscore the critical importance of proper permission management and system configuration in cybersecurity. Organizations utilizing these firewalls should promptly apply the firmware update to mitigate potential risks.
Conclusion
In conclusion, the critical vulnerabilities found in Zyxel's firewalls highlight the necessity of having robust security measures in place to prevent unauthorized access and system compromise. By promptly applying the provided firmware update, organizations can strengthen their cybersecurity posture and protect their systems from potential exploitation.
For more information, you can refer to the source article.