Zyxel is warning {that a} unhealthy safety signature replace is inflicting vital errors for USG FLEX or ATP Collection firewalls, together with placing the machine right into a boot loop.
“We’ve found an issue affecting a few devices that may cause reboot loops, ZySH daemon failures, or login access problems,” warns a brand new Zyxel advisory.
“The system LED may also flash. Please note this is not related to a CVE or security issue.”
Zyxel says the problems are attributable to a failure in an Software Signature Replace for its cybersecurity options that was pushed out on 1/24 via 1/25 at night time.
Gadgets that obtained the defective replace at the moment are experiencing a variety of points, together with:
- Gadget Error: Fallacious CLI command, machine timeout or machine logout.
- Unable to login to ATP/USG FLEX by way of net GUI: 504 Gateway timeout.
- CPU utilization is excessive.
- In Monitor > Log, the message “ZySH daemon is busy” appeared.
- Unable to enter any instructions on console.
- Coredump messages seem on console.
Zyxel says solely USG FLEX or ATP Collection (ZLD Firmware Variations) firewalls with lively safety licenses are impacted. Gadgets on the Nebula platform or USG FLEX H (uOS) collection are usually not affected.
As first reported by Born Metropolis, the one solution to repair the problem is to have bodily entry to the firewall and to hook up with the console by way of an RS232 serial cable.
“This recovery requires a console cable and must be done on-site. While it’s not ideal, it’s the only guaranteed solution for this issue,” reads the advisory.
Supply: Zyxel
Admins will now have to conduct a collection of steps to revive the firewall, together with backing up the configuration, downloading and making use of a particular firmware, after which connecting by way of the net GUI to revive the backed-up configuration file.
Zyxel has shared detailed steps in its advisory, and it’s extremely beneficial that admins overview them earlier than trying to get well gadgets.
For purchasers who’ve additional questions or want help, Zyxel will probably be internet hosting a Microsoft Groups Open Query Session on Saturday January twenty fifth from 9am – 12pm and 1pm – 5pm (GMT +1).
BleepingComputer has contacted Zyxel with questions in regards to the incident, however no reply was instantly obtained.
