Zyxel has released security updates for a critical security vulnerability affecting business firewall and VPN solutions.
The security vulnerability tracked by code CVE-2022-0342 is an authentication bypass vulnerability caused by the lack of a proper access control mechanism in the web interface of some firewall versions. A threat actor that successfully exploits the vulnerability can bypass authentication and gain access to administrative privileges on the vulnerable system. The vulnerability affects the versions listed below.