CVE-2023-33009
- CVSS base score 9.8
- EPSS 4.64%
- Published 24.05.2023 13:15:09
- Last modified 27.01.2025 21:44:27
- Source security@zyxel.com.tw
A buffer overflow vulnerability in the notification function in Zyxel ATP series firmware versions 4.60 through 5.36 Patch 1, USG FLEX series firmware versions 4.60 through 5.36 Patch 1, USG FLEX 50(W) firmware versions 4.60 through 5.36 Patch 1, USG20(W)-VPN firmware versions 4.60 through 5.36 Patch 1, VPN series firmware versions 4.60 through 5.36 Patch 1, ZyWALL/USG series firmware versions 4.60 through 4.73 Patch 1, could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and even a remote code execution on an affected device.
Data is provided by the National Vulnerability Database (NVD)
Zyxel ≫ Atp100 Firmware Version >= 4.60 < 5.36
Zyxel ≫ Atp100 Firmware Version 5.36 Update -
Zyxel ≫ Atp100 Firmware Version 5.36 Update patch1
Zyxel ≫ Atp200 Firmware Version >= 4.60 < 5.36
Zyxel ≫ Atp200 Firmware Version 5.36 Update -
Zyxel ≫ Atp200 Firmware Version 5.36 Update patch1
Zyxel ≫ Atp500 Firmware Version >= 4.60 < 5.36
Zyxel ≫ Atp500 Firmware Version 5.36 Update -
Zyxel ≫ Atp500 Firmware Version 5.36 Update patch1
Zyxel ≫ Atp100w Firmware Version >= 4.60 < 5.36
Zyxel ≫ Atp100w Firmware Version 5.36 Update -
Zyxel ≫ Atp100w Firmware Version 5.36 Update patch1
Zyxel ≫ Atp700 Firmware Version >= 4.60 < 5.36
Zyxel ≫ Atp700 Firmware Version 5.36 Update -
Zyxel ≫ Atp700 Firmware Version 5.36 Update patch1
Zyxel ≫ Atp800 Firmware Version >= 4.60 < 5.36
Zyxel ≫ Atp800 Firmware Version 5.36 Update -
Zyxel ≫ Atp800 Firmware Version 5.36 Update patch1
Zyxel ≫ Usg Flex 100 Firmware Version >= 4.60 < 5.36
Zyxel ≫ Usg Flex 100 Firmware Version 5.36 Update -
Zyxel ≫ Usg Flex 100 Firmware Version 5.36 Update patch1
Zyxel ≫ Usg Flex 50 Firmware Version >= 4.60 < 5.36
Zyxel ≫ Usg Flex 50 Firmware Version 5.36 Update -
Zyxel ≫ Usg Flex 50 Firmware Version 5.36 Update patch1
Zyxel ≫ Usg Flex 200 Firmware Version >= 4.60 < 5.36
Zyxel ≫ Usg Flex 200 Firmware Version 5.36 Update -
Zyxel ≫ Usg Flex 200 Firmware Version 5.36 Update patch1
Zyxel ≫ Usg Flex 500 Firmware Version >= 4.60 < 5.36
Zyxel ≫ Usg Flex 500 Firmware Version 5.36 Update -
Zyxel ≫ Usg Flex 500 Firmware Version 5.36 Update patch1
Zyxel ≫ Usg Flex 700 Firmware Version >= 4.60 < 5.36
Zyxel ≫ Usg Flex 700 Firmware Version 5.36 Update -
Zyxel ≫ Usg Flex 700 Firmware Version 5.36 Update patch1
Zyxel ≫ Usg Flex 100 Firmware Version >= 4.60 < 5.36
Zyxel ≫ Usg Flex 100w Firmware Version 5.36 Update -
Zyxel ≫ Usg Flex 100w Firmware Version 5.36 Update patch1
Zyxel ≫ Usg Flex 50w Firmware Version >= 4.60 < 5.36
Zyxel ≫ Usg Flex 50w Firmware Version 5.36 Update -
Zyxel ≫ Usg Flex 50w Firmware Version 5.36 Update patch1
Zyxel ≫ Usg 20w-vpn Firmware Version >= 4.60 < 5.36
Zyxel ≫ Usg 20w-vpn Firmware Version 5.36 Update -
Zyxel ≫ Usg 20w-vpn Firmware Version 5.36 Update patch1
Zyxel ≫ Vpn100 Firmware Version >= 4.60 < 5.36
Zyxel ≫ Vpn100 Firmware Version 5.36 Update -
Zyxel ≫ Vpn100 Firmware Version 5.36 Update patch1
Zyxel ≫ Vpn50 Firmware Version >= 4.60 < 5.36
Zyxel ≫ Vpn50 Firmware Version 5.36 Update -
Zyxel ≫ Vpn50 Firmware Version 5.36 Update patch1
Zyxel ≫ Vpn300 Firmware Version >= 4.60 < 5.36
Zyxel ≫ Vpn300 Firmware Version 5.36 Update -
Zyxel ≫ Vpn300 Firmware Version 5.36 Update patch1
Zyxel ≫ Vpn1000 Firmware Version >= 4.60 < 5.36
Zyxel ≫ Vpn1000 Firmware Version 5.36 Update -
Zyxel ≫ Vpn1000 Firmware Version 5.36 Update patch1
Zyxel ≫ Usg20-vpn Firmware Version >= 4.60 < 5.36
Zyxel ≫ Usg20-vpn Firmware Version 5.36 Update -
Zyxel ≫ Usg20-vpn Firmware Version 5.36 Update patch1
Zyxel ≫ Usg 40 Firmware Version >= 4.60 < 4.73
Zyxel ≫ Usg 40 Firmware Version 4.73 Update -
Zyxel ≫ Usg 40 Firmware Version 4.73 Update patch1
Zyxel ≫ Usg 40w Firmware Version >= 4.60 < 4.73
Zyxel ≫ Usg 40w Firmware Version 4.73 Update -
Zyxel ≫ Usg 40w Firmware Version 4.73 Update patch1
Zyxel ≫ Usg 60w Firmware Version >= 4.60 < 4.73
Zyxel ≫ Usg 60w Firmware Version 4.73 Update -
Zyxel ≫ Usg 60w Firmware Version 4.73 Update patch1
Zyxel ≫ Usg 60 Firmware Version >= 4.60 < 4.73
Zyxel ≫ Usg 60 Firmware Version 4.73 Update -
Zyxel ≫ Usg 60 Firmware Version 4.73 Update patch1
05.06.2023: CISA Known Exploited Vulnerabilities (KEV) Catalog
Vulnerability: Zyxel Multiple Firewalls Buffer Overflow Vulnerability
Description: Zyxel ATP, USG FLEX, USG FLEX 50(W), USG20(W)-VPN, VPN, and ZyWALL/USG firewalls contain a buffer overflow vulnerability in the notification function that could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and remote code execution on an affected device.
Required actions: Apply updates per vendor instructions.

Type | Source | Score | Percentile |
---|---|---|---|
EPSS | FIRST.org | 4.64% | 0.887 |

Source | Base Score | Exploit Score | Impact Score | Vector string |
---|---|---|---|---|
security@zyxel.com.tw | 9.8 | 3.9 | 5.9 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
nvd@nist.gov | 9.8 | 3.9 | 5.9 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |

CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.