Skip to main content

DrayTek Releases Security Updates

Security updates address a vulnerability with a CVSSv3 score of 10.0 that allows unauthenticated RCE

Report a cyber attack: call 0300 303 5222 or email carecert@nhsdigital.nhs.uk

Summary

Security updates address a vulnerability with a CVSSv3 score of 10.0 that allows unauthenticated RCE


Threat details

Introduction

DrayTek has released security updates to address a critical vulnerability, found by Trellix researchers, which could lead to unauthenticated remote code execution (RCE). An attacker could exploit this vulnerability to take control of an affected system.


Remediation advice

Affected organisations are encouraged to review DrayTek's latest firmware updates and apply the relevant update.



Last edited: 9 August 2022 10:22 am