Zyxel Patches Critical Flaws in NAS Devices: Update Now or Risk Cyber Havoc!

Zyxel has patched three high-severity flaws in its NAS devices. The vulnerabilities, CVE-2024-29972, CVE-2024-29973, and CVE-2024-29974, have critical severity scores and need immediate attention. Despite the devices reaching end-of-life, patches are available for those with extended warranty.

3P
Published: June 6, 2024 4:51 pmAdded: June 6, 2024 at 10:01 amAssembled by: The Editor
Pro Dashboard

Hot Take:

Zyxel is playing a dangerous game of hide and seek with its vulnerabilities, but it looks like the hackers always find a way to win. It’s like giving your house keys to a burglar, then patching up the window they broke to get in. Oops!

Key Points:

  • Zyxel patched three critical flaws in its NAS devices: CVE-2024-29972, CVE-2024-29973, and CVE-2024-29974.
  • The flaws were discovered in NAS326 and NAS542 models.
  • Two additional moderately severe flaws (CVE-2024-29975 and CVE-2024-29976) were also found.
  • These devices reached end-of-life status on December 31, 2023, but Zyxel still released patches.
  • The vulnerabilities were discovered and demonstrated by Timothy Hjort from Outpost24.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?