A critical zero-day vulnerability affecting Zyxel CPE Series devices, tracked as CVE-2024-40891, is currently being actively targeted in the wild. This flaw has remained unpatched since July 2024, leaving devices exposed to exploitation. Researchers have detected botnets, including Mirai, exploiting this flaw, raising the likelihood of large-scale attacks. If successfully leveraged, the vulnerability could allow attackers to execute arbitrary commands on compromised devices, potentially leading to full system takeover, network breaches, and sensitive data leaks.
What’s new on HivePro
Get through updates and upcoming events, and more directly in your inbox