Support expired: No more security updates for attacked Zyxel routers
A Mirai botnet malware is currently targeting certain Zyxel router models. Because support has expired, admins must act now.
(Image: solarseven/Shutterstock.com)
According to the manufacturer, support for several Zyxel routers has been discontinued for several years. As a result, the devices should no longer be used. Current attacks are exacerbating the situation.
Act now!
In a post, Zyxel explains that the affected routers will no longer receive security updates due to the end of support and will remain vulnerable. Anyone still using such a device should take it out of service quickly due to the current attacks by Mirai botnet malware and replace it with an up-to-date router.
Specifically, this concerns these models:
- VMG1312-B10A
- VMG1312-B10B
- VMG1312-B10E
- VMG3312-B10A
- VMG3313-B10A
- VMG3926-B10B
- VMG4325-B10A
- VMG4380-B10A
- VMG8324-B10A
- VMG8924-B10A
- SBG3300
- SBG3500
Videos by heise
Malicious code attacks
If attackers successfully exploit the vulnerabilities (CVE-2024-40890, risk “high”; CVE-2024-40891, “high”; CVE-2025-0890, “critical”), they can change the access data for admins via the management interface using insecure standard access data for a Telnet connection, among other things. In such a position, attackers can be expected to completely compromise devices.
It is also possible for attackers to execute commands at system level. Attackers are currently combining the gaps to execute malicious code.
The extent of the current attacks is still unclear. Security researchers from VulnCheck explain in an article that around 1500 vulnerable routers are publicly accessible via the Internet. Admins should react immediately. Moreover, some affected router models can still be purchased in stores.
(des)
