Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
Taiwan hardware maker Zyxel has said that there is no plan to publish a patch for two actively absorbed weakness that affects thousands of potential customers.
Humpty Detective Startup Grenzoise Careful A critical-rated zero-day weakness that affects zyxel routers by the end of last month is being actively exploited. Grenayes said that the defects allow the attackers to enforce volunteer commands on infected devices, causing the system to be negotiated, data expression or network infiltration.
The threat intelligence agency Volunkek discovered these weaknesses in July last year and told Zyxel the following month, according to Grenoyes, however, manufacturers have not yet been patch or formally released.
A Adviser This week, Zyxel said that it has recently become aware of the “two weaknesses”-now formally tracked as CVE-2024-40890 and CVE -2024-40891-which has said that it affects multiple life products.
The agency claimed that the flaws were not reported by Volunc and said that it was first aware of them on January 29, a day after grenayes informed of active exploitation.
Zixel, Whose devices are used by more than 1 million businessSays these bugs are “inherited products that affect the product that reaches the end of life [EOL] There are no plans to publish it to fix the patchs for years. Instead, the company is advising customers to replace poor routers with “new generation products for optimal protection”.
In A blog post on TuesdayVolchec has noted that the affected devices are not listed on the EOL page of the Zyxel and have said that some of the affected models are still available for purchase through Amazon, which confirmed TechCrunch.
“Although these systems are out of age and seemingly out of support, they remain very relevant because of their continuous use of the world and sustainable interest from the invaders,” said Volunkek CTO Jacob Bines.
Accordingly SensoryA search engine for internet -off things devices and internet resources, about 1,500 weak devices are open on the Internet.
In an update last week, Grennies said that it was observed with the detected boats with Mirai, using one of the zyxel weaknesses, it implies that it was being used in large -scale attacks.
Zixel spokesman Birgit Larsen did not respond to multiple requests for TechCrunch for the comment.
