This spring, the largest cyber attack ever on Danish critical infrastructure took place. In the process, 22 energy companies were hacked. Malicious parties managed to gain access through security holes in firewalls made by manufacturer Zyxel. SektorCERT, the cybersecurity center for the Danish critical sectors, recently reported this.

The first attacks occurred on May 11. In these attacks, hackers exploited a critical vulnerability in Zyxel firewalls, designated CVE-2023-28771. This vulnerability allows an unauthenticated attacker to remotely take over systems. The impact of the vulnerability was rated 9.8 on a scale of 1 to 10. Zyxel had made security updates for the problem available on April 25.

A second set of attacks took place on May 22. In these, the hackers exploited two other vulnerabilities in Zyxel firewalls, designated CVE-2023-33009 and CVE-2023-33010. These were zero-days. On May 24, Zyxel released patches for these security vulnerabilities. Through both vulnerabilities, it is possible to take over Zyxel firewalls remotely.
