CVE-2020-29583

Zyxel firewalls (ATP, USG, VM) and AP Controllers (NXC2500 and NXC5500) contain a use of hard-coded credentials vulnerability in an undocumented account ("zyfwp") with an unchangeable password. Vendor/Product: Zyxel Multiple Products. Added to CISA KEV 2021-11-03; required action: Apply updates per vendor instructions.