No heartbleed vulnerability in Zyxel business solutions, and DSL CPE products

Share this

16 April 2014 – The company has carried out extensive checks and confirmed that the OpenSSL versions used in ZyXEL business solutions and DSL CPE products are not at risk.

ZyXEL business solutions including security appliances, Gateways, Switches and WLAN AP/ Controllers, use OpenSSL, but not the affected versions. This means all firewalls and firmware versions are posed no threat by the Heardbleed bug, which was found in OpenSSL versions 1.0.1f and 1.0.2-beta1.

The same applies to ZyXEL DSL CPE, WiMAX , LTE products, and other models that support HTTPs Remote Management. The OpenSSL versions these products use are not affected by the Heartbleed bug.

To improve business network security, ZyXEL strongly recommends that users add our IDP (Intrusion Detection and Prevention) service to USG (Unified Security Gateway) to protect business from such threats. The ZyXEL USG series effectively guards servers in business networks from break-in via the Heartbleed bug. To further enhance protection, the ZyXEL USG series featuring the IDP license will automatically connect to ZSDN (ZyXEL Security Distribution Network) to retrieve the latest updates. ZyXEL is releasing this new IDP signature update on April 16th, 2014.

About Zyxel Communications

Zyxel Communications delivers technological innovations and has connected the world to the Internet for more than 30 years. Whether it’s a matter of establishing access through fixed or mobile broadband solutions, at Zyxel we offer a comprehensive and flexible portfolio of products that’s right for worldwide leading Service Providers and their subscribers.
Zyxel is a global force in the communications market with an unrivalled international presence that includes:

  • 150 markets served
  • Strong local presence throughout five continents
  • 1,000,000 businesses and homes working smarter with Zyxel solutions 100 million devices creating global connections