CVE-2020-29583
Zyxel Multiple Products Use of Hard-Coded Credentials Vulnerability
CVSS
—
No CVSS
EPSS
90.0%
p100
KEV
YES
Nov 3, 2021
Exploit Today
80
0-100
Published: — · Last modified: —
90.0%EPSS · 30 days90.0%
2026-06-302026-07-16
Product
Zyxel / Multiple Products
Vulnerability
Zyxel Multiple Products Use of Hard-Coded Credentials Vulnerability
Added to KEV
Nov 3, 2021
Remediate by
May 3, 2022
Known ransomware use
No
Summary description
Zyxel firewalls (ATP, USG, VM) and AP Controllers (NXC2500 and NXC5500) contain a use of hard-coded credentials vulnerability in an undocumented account ("zyfwp") with an unchangeable password.
Required action
Apply updates per vendor instructions.
Notes
https://nvd.nist.gov/vuln/detail/CVE-2020-29583
No related CVEs by CWE or product.