Zyxel Firewall Devices Vulnerable to Remote Code Execution Attacks — Patch Now

Networking products maker Zyxel has produced patches for a critical security flaw in its firewall equipment that could be exploited to obtain remote code execution on impacted units.

The issue, tracked as CVE-2023-28771, is rated 9.8 on the CVSS scoring technique. Scientists from TRAPA Security have been credited with reporting the flaw.

“Poor mistake concept handling in some firewall variations could allow for an unauthenticated attacker to execute some OS commands remotely by sending crafted packets to an influenced gadget,” Zyxel reported in an advisory on April 25, 2023.

✔ Approved From Our Partners

Protect and backup your data using AOMEI Backupper. AOMEI Backupper takes secure and encrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper you will never be worried about loosing your data anymore.

Get AOMEI Backupper with 72% discount from an authorized distrinutor of AOMEI: SerialCart® (Limited Offer).

➤ Activate Your Coupon Code

Products and solutions impacted by the flaw are –

• ATP (versions ZLD V4.60 to V5.35, patched in ZLD V5.36)
• USG FLEX (variations ZLD V4.60 to V5.35, patched in ZLD V5.36)
• VPN (variations ZLD V4.60 to V5.35, patched in ZLD V5.36), and
• ZyWALL/USG (versions ZLD V4.60 to V4.73, patched in ZLD V4.73 Patch 1)

Zyxel has also tackled a substantial-severity put up-authentication command injection vulnerability impacting choose firewall variations (CVE-2023-27991, CVSS score: 8.8) that could allow an authenticated attacker to execute some OS instructions remotely.

The shortcoming, which impacts ATP, USG FLEX, USG FLEX 50(W) / USG20(W)-VPN, and VPN equipment, has been fixed in ZLD V5.36.

Approaching WEBINARLearn to Stop Ransomware with Genuine-Time Security

Sign up for our webinar and study how to prevent ransomware attacks in their tracks with serious-time MFA and support account protection.

Help save My Seat!

Last of all, the corporation also transported fixes for five high-severity flaws impacting quite a few firewalls and obtain place (AP) devices (from CVE-2023-22913 to CVE-2023-22918) that could end result in code execution and cause a denial-of-company (DoS) ailment.

Nikita Abramov from Russian cybersecurity firm Optimistic Systems has been credited for reporting the issues. Abramov, earlier this year, also found four command injection and buffer overflow vulnerabilities in CPE, fiber ONTs, and WiFi extenders.

The most critical of the flaws is CVE-2022-43389 (CVSS rating: 9.8), a buffer overflow vulnerability impacting 5G NR/4G LTE CPE equipment.

“It did not call for authentication to be exploited and led to arbitrary code execution on the unit,” Abramov defined at the time. “As a end result, an attacker could get remote entry to the machine and fully manage its procedure.”

Observed this write-up attention-grabbing? Abide by us on Twitter  and LinkedIn to study additional unique content we article.