Friday 08 January 2021
The impact of this issue announcement is high. Please act accordingly to rectify the issue, as stated below.
Products affected:
The issue impacts Zyxel, USG, ATP, VPN, ZyWALL, and USG FLEX devices.
What you need to know:
Multiple Zyxel firewall and WLAN controller products contain hardcoded credentials for an undocumented user account which has admin privileges, and its owner cannot change the password for it (CVE-2020-29583).
Actions to be taken:
Users are advised to download and install the recent firmware updates available.
