Zyxel is warning {that a} dangerous safety signature replace is inflicting important errors for USG FLEX or ATP Collection firewalls, together with placing the machine right into a boot loop.
“We have discovered a difficulty affecting a number of units that will trigger reboot loops, ZySH daemon failures, or login entry issues,” warns a brand new Zyxel advisory.
“The system LED may flash. Please word that is not associated to a CVE or safety situation.”
Zyxel says the problems are brought on by a failure in an Software Signature Replace for its cybersecurity options that was pushed out on 1/24 by way of 1/25 at night time.
Gadgets that obtained the defective replace at the moment are experiencing a variety of points, together with:
- System Error: Fallacious CLI command, machine timeout or machine logout.
- Unable to login to ATP/USG FLEX by way of net GUI: 504 Gateway timeout.
- CPU utilization is excessive.
- In Monitor > Log, the message “ZySH daemon is busy” appeared.
- Unable to enter any instructions on console.
- Coredump messages seem on console.
Zyxel says solely USG FLEX or ATP Collection (ZLD Firmware Variations) firewalls with energetic safety licenses are impacted. Gadgets on the Nebula platform or USG FLEX H (uOS) sequence are usually not affected.
As first reported by Born Metropolis, the one approach to repair the difficulty is to have bodily entry to the firewall and to hook up with the console by way of an RS232 serial cable.
“This restoration requires a console cable and should be performed on-site. Whereas it isn’t preferrred, it is the one assured answer for this situation,” reads the advisory.
Supply: Zyxel
Admins will now have to conduct a sequence of steps to revive the firewall, together with backing up the configuration, downloading and making use of a particular firmware, after which connecting by way of the net GUI to revive the backed-up configuration file.
Zyxel has shared detailed steps in its advisory, and it’s extremely beneficial that admins assessment them earlier than trying to get better units.
For patrons who’ve additional questions or want help, Zyxel can be internet hosting a Microsoft Groups Open Query Session on Saturday January twenty fifth from 9am – 12pm and 1pm – 5pm (GMT +1).
BleepingComputer has contacted Zyxel with questions in regards to the incident, however no reply was instantly obtained.
