(01) 236 01 01(040) 54887560+31 252 621625
Zero Day Exploit: Zyxel NAS
Zero Day Exploits are critical gateways, abused by cyber criminals and malware (ransomware), which can cause serious damage and data loss.

Zero Day Exploit: Zyxel NAS

Various network-attached storage devices from the manufacturer Zyxel can be targeted by attackers via a particularly critical security vulnerability. The vulnerability CVE-2020-9054 can be exploited using exploit code. A temporary fix - with certain restrictions - has already been released. Further security updates are to follow.

5. 1 2020 - Sebastian Evers

This is good news for users of current hardware, but bad news for owners of older Zyxel hardware. Support for the systems NSA210, NSA220, NSA220 +, NSA221, NSA310, NSA310S, NSA320, NSA320S, NSA325 and NSA325v2 is no longer offered and there are no more security updates, so that the critical security vulnerability becomes an grave danger - even if no reports have yet been made of attacks that have taken place.

With a Hotfix, the still supported models NAS326, NAS520, NAS540 and NAS542 were temporarily protected. An update for firmware protection (V5.21) will appear in March. Older systems that are denied this update are still vulnerable.

The vulnerability allows attackers to inject malicious code with "remote code execution" with ease, in order to be able to execute additional malicious code with root rights

Pending firmware updates for Zyxel NAS systems:
  • Update: Firmware V5.21(AAZF.7)C0 für Zyxel NAS326 will be released in March 2020.
  • Update: Firmware V5.21(AASZ.3)C0 für Zyxel NAS520  will be released in March 2020..
  • Update: Firmware V5.21(AATB.4)C0 für Zyxel NAS540  will be released in March 2020.
  • Update: Firmware V5.21(ABAG.4)C0 für Zyxel NAS542  will be released in March 2020.

Some Zyxel firewalls and Zyxel gateways are also critical devices that can be used to execute foreign code via their login mask:

  • ATP100
  • ATP200
  • ATP500
  • ATP800
  • USG20-VPN
  • USG20W-VPN
  • USG40
  • USG40W
  • USG60
  • USG60W
  • USG110
  • USG210
  • USG310
  • USG1100
  • USG1900
  • USG2200
  • VPN50
  • VPN100
  • VPN300
  • VPN1000
  • ZyWALL110
  • ZyWALL310
  • ZyWALL1100

The firmware updates from Zyxel are already available for these devices and should be carried out as soon as possible to prevent possible cyber attacks: Zyxel Hotfix & Firmwareupdate

Related topics


Attingo in the press
Exhibition and conference dates
FAQ - Frequently asked Questions
Case Studies: Data Recovery