Backdoor account discovered in more than 100k Zyxel firewalls, VPN gateways
zdnet.com> Patches are currently available only for the ATP, USG, USG Flex, and VPN series. Patches for the NXC series are expected in April 2021, according to a Zyxel security advisory.
4 months to deliver a security patch of this significance? Would love to know what kind of situation leads to that kind of latency.
They had to figure out what backdoor to replace it with
This and a little looking on Shodan makes for a scary tale of negligence at scale.
You just described the entire industry
This reminds me of the guy that discovered a backdoor in his router after he forgot the admin password over the Christmas holidays.
https://github.com/elvanderb/TCP-32764
There are helpful hints in that research that enabled me to view the firmware of my own router.
It's almost as if Chinese companies are either just arms of the state, or thoroughly infiltrated by state actors! I don't think US-based hardware manufacturers are really any better though.
To me this just illustrates the need for fully open-sourced hardware and software with domestic production facilities.
Zyxel is Taiwanese.
Also, this is more likely a case of incompetence, not maliciousness.
How do you know Taiwan doesn't have malicious state actors behind these backdoors? Is it because they aren't in a China ruled by the evil CCP?
Or could it be an insider job?
Some execs or managers demanding a backdoor, then secretly privately selling the secret password to various nation states and private security companies (for personal profit)
This is a valid possibility, interesting to see such double standards applied to different tech companies based on the residence of their HQ.
Why would they? Also, why expose it in such an obvious way?
Incompetence is a form of malice in cases like this.
I disagree.
Was the Solarwinds hack an act of malice, then?
It's okay, they all had nothing to hide.
This is why I use OpenWrt in my network!