No Heartbleed Vulnerability in ZyXEL Business Solutions, and DSL CPE products

04.05.2014 15:51

April 16, 2014; Pressroom – ZyXEL Communications

[Translate to Angličtina:] zywall1100

The company Zyxel has carried out extensive checks and confirmed that the OpenSSL versions used in ZyXEL business solutions and DSL CPE products are not at risk.

ZyXEL business solutions including security appliances, Gateways, Switches and WLAN AP/ Controllers, use OpenSSL, but not the affected versions. This means all firewalls and firmware versions are posed no threat by the Heardbleed bug, which was found in OpenSSL versions 1.0.1f and 1.0.2-beta1.

The same applies to ZyXEL DSL CPE, WiMAX , LTE products, and other models that support HTTPs Remote Management. The OpenSSL versions these products use are not affected by the Heartbleed bug.

To improve business network security, ZyXEL strongly recommends that users add our IDP (Intrusion Detection and Prevention) service to USG (Unified Security Gateway) to protect business from such threats. The ZyXEL USG series effectively guards servers in business networks from break-in via the Heartbleed bug. To further enhance protection, the ZyXEL USG series featuring the IDP license will automatically connect to ZSDN (ZyXEL Security Distribution Network) to retrieve the latest updates. ZyXEL is releasing this new IDP signature update on April 16th, 2014.


For more information don't hesitate to contact us: