Censys’ Post

🚨 Zero-day Zyxel Vulnerability Under Active Exploitation 🚨 GreyNoise is observing active exploitation of a critical command injection vulnerability in Zyxel CPE devices (CVE-2024-40891). The vulnerability, disclosed by VulnCheck and confirmed by GreyNoise, remains unpatched and undisclosed by the vendor, leaving over 1,500 devices exposed online (source: Censys). This telnet-based flaw allows unauthenticated attackers to execute arbitrary commands, enabling system compromise, data theft, and network infiltration. 🔎 GreyNoise’s real-time data and collaboration with VulnCheck ensure defenders can respond immediately by tracking exploitation activity, including attacker IPs. 📢 Action Steps: - Monitor Zyxel management interface traffic. - Restrict administrative access to trusted IPs. - Watch for Zyxel advisories and apply updates immediately if available. Stay ahead of the attackers. Track live exploitation here: https://lnkd.in/gKnBHfvT #Cybersecurity #ZeroDay #ThreatIntelligence #GreyNoise