8.1
CVE-2023-6764
- EPSS 2.33%
- Published 20.02.2024 03:15:07
- Last modified 21.01.2025 18:35:59
- Source security@zyxel.com.tw
A format string vulnerability in a function of the IPSec VPN feature in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1, USG FLEX series firmware versions from 4.50 through 5.37 Patch 1, USG FLEX 50(W) series firmware versions from 4.16 through 5.37 Patch 1, and USG20(W)-VPN series firmware versions from 4.16 through 5.37 Patch 1 could allow an attacker to achieve unauthorized remote code execution by sending a sequence of specially crafted payloads containing an invalid pointer; however, such an attack would require detailed knowledge of an affected device’s memory layout and configuration.
Data provided by the National Vulnerability Database (NVD)
Zyxel ≫ Atp100 Firmware Version >= 4.32 < 5.37
Zyxel ≫ Atp100 Firmware Version 5.37 Update -
Zyxel ≫ Atp100 Firmware Version 5.37 Update patch1
Zyxel ≫ Atp100w Firmware Version >= 4.32 < 5.37
Zyxel ≫ Atp100w Firmware Version 5.37 Update -
Zyxel ≫ Atp100w Firmware Version 5.37 Update patch1
Zyxel ≫ Atp200 Firmware Version >= 4.32 < 5.37
Zyxel ≫ Atp200 Firmware Version 5.37 Update -
Zyxel ≫ Atp200 Firmware Version 5.37 Update patch1
Zyxel ≫ Atp500 Firmware Version >= 4.32 < 5.37
Zyxel ≫ Atp500 Firmware Version 5.37 Update -
Zyxel ≫ Atp500 Firmware Version 5.37 Update patch1
Zyxel ≫ Atp700 Firmware Version >= 4.32 < 5.37
Zyxel ≫ Atp700 Firmware Version 5.37 Update -
Zyxel ≫ Atp700 Firmware Version 5.37 Update patch1
Zyxel ≫ Atp800 Firmware Version >= 4.32 < 5.37
Zyxel ≫ Atp800 Firmware Version 5.37 Update -
Zyxel ≫ Atp800 Firmware Version 5.37 Update patch1
Zyxel ≫ Usg Flex 100 Firmware Version >= 4.50 < 5.37
Zyxel ≫ Usg Flex 100 Firmware Version 5.37 Update -
Zyxel ≫ Usg Flex 100 Firmware Version 5.37 Update patch1
Zyxel ≫ Usg Flex 100ax Firmware Version >= 4.50 < 5.37
Zyxel ≫ Usg Flex 100ax Firmware Version 5.37 Update -
Zyxel ≫ Usg Flex 100ax Firmware Version 5.37 Update patch1
Zyxel ≫ Usg Flex 100h Firmware Version >= 4.50 < 5.37
Zyxel ≫ Usg Flex 100h Firmware Version 5.37 Update -
Zyxel ≫ Usg Flex 100h Firmware Version 5.37 Update patch1
Zyxel ≫ Usg Flex 100w Firmware Version >= 4.50 < 5.37
Zyxel ≫ Usg Flex 100w Firmware Version 5.37 Update -
Zyxel ≫ Usg Flex 100w Firmware Version 5.37 Update patch1
Zyxel ≫ Usg Flex 200 Firmware Version >= 4.50 < 5.37
Zyxel ≫ Usg Flex 200 Firmware Version 5.37 Update -
Zyxel ≫ Usg Flex 200 Firmware Version 5.37 Update patch1
Zyxel ≫ Usg Flex 200h Firmware Version >= 4.50 < 5.37
Zyxel ≫ Usg Flex 200h Firmware Version 5.37 Update -
Zyxel ≫ Usg Flex 200h Firmware Version 5.37 Update patch1
Zyxel ≫ Usg Flex 200hp Firmware Version >= 4.50 < 5.37
Zyxel ≫ Usg Flex 200hp Firmware Version 5.37 Update -
Zyxel ≫ Usg Flex 200hp Firmware Version 5.37 Update patch1
Zyxel ≫ Usg Flex 500 Firmware Version >= 4.50 < 5.37
Zyxel ≫ Usg Flex 500 Firmware Version 5.37 Update -
Zyxel ≫ Usg Flex 500 Firmware Version 5.37 Update patch1
Zyxel ≫ Usg Flex 500h Firmware Version >= 4.50 < 5.37
Zyxel ≫ Usg Flex 500h Firmware Version 5.37 Update -
Zyxel ≫ Usg Flex 500h Firmware Version 5.37 Update patch1
Zyxel ≫ Usg Flex 700 Firmware Version >= 4.50 < 5.37
Zyxel ≫ Usg Flex 700 Firmware Version 5.37 Update -
Zyxel ≫ Usg Flex 700 Firmware Version 5.37 Update patch1
Zyxel ≫ Usg Flex 700h Firmware Version >= 4.50 < 5.37
Zyxel ≫ Usg Flex 700h Firmware Version 5.37 Update -
Zyxel ≫ Usg Flex 700h Firmware Version 5.37 Update patch1
Zyxel ≫ Usg Flex 50 Firmware Version >= 4.16 < 5.37
Zyxel ≫ Usg Flex 50 Firmware Version 5.37 Update -
Zyxel ≫ Usg Flex 50 Firmware Version 5.37 Update patch1
Zyxel ≫ Usg Flex 50w Firmware Version >= 4.16 < 5.37
Zyxel ≫ Usg Flex 50w Firmware Version 5.37 Update -
Zyxel ≫ Usg Flex 50w Firmware Version 5.37 Update patch1
Zyxel ≫ Usg20-vpn Firmware Version >= 4.16 < 5.37
Zyxel ≫ Usg20-vpn Firmware Version 5.37 Update -
Zyxel ≫ Usg20-vpn Firmware Version 5.37 Update patch1
Zyxel ≫ Usg20w-vpn Firmware Version >= 4.16 < 5.37
Zyxel ≫ Usg20w-vpn Firmware Version 5.37 Update -
Zyxel ≫ Usg20w-vpn Firmware Version 5.37 Update patch1
No CISA KEV or CERT.AT warning was found for this CVE.
Type | Source | Score | Percentile |
---|---|---|---|
EPSS | FIRST.org | 2.33% | 0.842 |
Source | Base Score | Exploit Score | Impact Score | Vector String |
---|---|---|---|---|
security@zyxel.com.tw | 8.1 | 2.2 | 5.9 | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
CWE-134 Use of Externally-Controlled Format String
The product uses a function that accepts a format string as an argument, but the format string originates from an external source.