They could also intercept traffic or create VPN accounts to gain access to the network behind the device. Someone could for example change firewall settings to allow or block certain traffic. “An attacker could completely compromise the confidentiality, integrity and availability of the device. “As the zyfwp user has admin privileges, this is a serious vulnerability,” Eye Control researcher Niels Teusink wrote. Have you patched?The researcher warned that the account put users at considerable risk, particularly if it were used to exploit other vulnerabilities such as Zerologon, a critical Windows flaw that allows attackers to instantly become all-powerful network administrators.
Further Reading New Windows exploit lets you instantly become admin.