Zyxel has unveiled application updates to deal with two critical security flaws impacting pick out firewall and VPN solutions that could be abused by remote attackers to realize code execution.
Both the flaws – CVE-2023-33009 and CVE-2023-33010 – are buffer overflow vulnerabilities and are rated 9.8 out of 10 on the CVSS scoring process.
A temporary description of the two issues is beneath –
- CVE-2023-33009 – A buffer overflow vulnerability in the notification perform that could permit an unauthenticated attacker to induce a denial-of-service (DoS) condition and remote code execution.
- CVE-2023-33010 – A buffer overflow vulnerability in the ID processing functionality that could empower an unauthenticated attacker to lead to a denial-of-assistance (DoS) condition and remote code execution.
The adhering to products are impacted –
- ATP (versions ZLD V4.32 to V5.36 Patch 1, patched in ZLD V5.36 Patch 2)
- USG FLEX (versions ZLD V4.50 to V5.36 Patch 1, patched in ZLD V5.36 Patch 2)
- USG FLEX50(W) / USG20(W)-VPN (versions ZLD V4.25 to V5.36 Patch 1, patched in ZLD V5.36 Patch 2)
- VPN (variations ZLD V4.30 to V5.36 Patch 1, patched in ZLD V5.36 Patch 2), and
- ZyWALL/USG (versions ZLD V4.25 to V4.73 Patch 1, patched in ZLD V4.73 Patch 2)
Security scientists from TRAPA Security and STAR Labs SG have been credited with exploring and reporting the flaws.
Forthcoming WEBINARZero Have confidence in + Deception: Learn How to Outsmart Attackers!
Find how Deception can detect advanced threats, stop lateral motion, and enhance your Zero Have faith in approach. Sign up for our insightful webinar!
Preserve My Seat!
The advisory will come less than a month following Zyxel shipped fixes for yet another critical security flaw in its firewall equipment that could be exploited to reach distant code execution on afflicted techniques.
The issue, tracked as CVE-2023-28771 (CVSS rating: 9.8), was also credited to TRAPA Security, with the networking machines maker blaming it on inappropriate error message dealing with. It has due to the fact occur less than active exploitation by risk actors affiliated with the Mirai botnet.
Located this short article fascinating? Observe us on Twitter and LinkedIn to go through additional special information we post.
Some parts of this article are sourced from: