Top NAS devices are being targeted by this dangerous malware

Zyxel warns users to patch up now

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

IoT cybersecurity company Sternum has identified a security vulnerability affecting Zyxel Networks’ Linux-operatedNAS drives, including NAS326, NAS540, and NAS542 models, running on firmware version 5.21.

Zyxel Networks’ advisory reads: “The post-authentication command injection vulnerability has been found in the web management interface of some NAS versions,” citing firmware 5.21 and previous versions.

Users are being urged to patch their NAS drives with the latest firmware, which is also identified as 5.21, in order to protect their devices.

Zyxel Networks NAS patch

Specifically, NAS326 owners are being told to update from 5.21 (AAZF.12)C0 to (AAZF.13)C0, NAS540 from (AATB.9)C0 to (AATB.10)C0, and NAS542 from (ABAG.9)C0 to (ABAG.10)C0. The updates are available from the Zyxelwebsite.

Sternum’s Noam Zhitomirsky, Reuven Yakar, Dean Zavadski, and Amit Serper are credited with notifying the NAS maker of the vulnerability, which was marked as CVE-2023-27988 on May 30, 2023.

The best NAS hard drives>Windows 11 cloud backup is getting a whole lot better at last>A benchmark test uncovered some critical vulnerabilities in thousands of QNAP devices

In a press release, Sternum said: “Sternum security researchers were in the process of scanning one of the Zyxel NAS units as part of the company’s standard lab deployment process when a “Dangerous String Format” alert was triggered by one of the security logics in the Sternum security platform.”

The problem was pinpointed as being with the ntpdate_date process, which left a vulnerability allowing an authenticated user to execute an arbitrary system command with root privileges on the system.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Sternum stressed that this could allow hackers to inject remote malware onto unsuspecting NAS drive owners’ devices.

While Zyxel’s quickly-issued patch will fix the issue, Sternum’s researchers believe that other companies’ drives could be vulnerable to similar issues, urging customers and consumers to always keep an eye out for company announcements and apply patches as soon as they become available.

With several years’ experience freelancing in tech and automotive circles, Craig’s specific interests lie in technology that is designed to better our lives, including AI and ML, productivity aids, and smart fitness. He is also passionate about cars and the decarbonisation of personal transportation. As an avid bargain-hunter, you can be sure that any deal Craig finds is top value!

Adobe’s decision to eliminate perpetual licensing for its Elements software has stirred controversy among consumers

VIPRE Security Group says its new endpoint protection tools can stamp out even the latest cybersecurity threats

Huge Black Friday Samsung sale: save up to $1,900 on QLED, OLED TVs, and more