Zyxel advisory for the BlackNurse attack
A recently publicized “BlackNurse” attack, which sends a low volume of ICMP (Internet Control Message Protocol) Type 3 Code 3 requests to targets, could overload the target’s host CPU, slow down the target’s response, and result in denial of service (DoS). The attack targets firewalls and other network equipment of various brands. However, the attack has not been classified as a security vulnerability because no CVE identifiers or other vulnerability numbers have been assigned.
Is my Zyxel product at risk?
The disclosure suggested two Zyxel products are affected, as listed in Table 1. Zyxel is aware of the attack and will provide patches to strengthen security and guard customers against the threats.
Table 1.
| Product | Series/Model | Status | Patch plan |
|---|---|---|---|
| Security Appliance | USG50 | End-of-life in 2015 | Patch available on Nov. 25 2016 |
| Access Point | NWA3560-N | End-of-life in 2015 | Patch available now |
Please contact your local service or sales representatives if you require any further assistance. To report security vulnerabilities, contact: security@zyxel.com.tw