Zyxel Releases Patches for Critical Flaws in Firewall & VPN Devices
Zyxel Networks announced the release of updates for two critical security vulnerabilities impacting its firewall and VPN products. The two flaws could give threat actors admin-level access to vulnerable devices.
The Zyxel security advisory notes that both flaws (CVE-2023-33009 and CVE-2023-33010) are buffer overflow vulnerabilities and have been scored 9.8 out of 10 under CVSS (a scoring system that provides a qualitative measure of vulnerability).
A buffer overflow attack enables threat actors to remotely control affected devices by manipulating system memory. The attacker can overwrite the data (memory) of an application and change its execution path, thus gaining unauthorized access to private data. Generally, this attack results in network interruptions and system crashes, and it can sometimes also lead to the creation of programs that run infinitely.
The two issues cited by Zyxel are:
- CVE-2023-33009 – In some of the products, a buffer overflow vulnerability in the notification function could allow an unauthenticated attacker to cause a denial-of-service (DoS) condition and remote code execution.
- CVE-2023-33010 – In some product versions, a buffer overflow vulnerability in the ID processing function could allow an unauthenticated attacker to cause a denial-of-service (DoS) condition and remote code execution.
After its investigation, Zyxel noted that the following firewall series and versions were affected:
- ATP Versions ZLD V4.32 to V5.36 Patch 1 (repaired in ZLD V5.36 Patch 2)
- USG FLEX Versions ZLD V4.50 to V5.36 Patch 1 (repaired in ZLD V5.36 Patch 2)
- USG FLEX50(W) / USG20(W)-VPN Versions ZLD V4.25 to V5.36 Patch 1 (repaired in ZLD V5.36 Patch 2)
- VPN Versions ZLD V4.30 to V5.36 Patch 1 (repaired in ZLD V5.36 Patch 2)
- ZyWALL/USG Versions ZLD V4.25 to V4.73 Patch 1 (repaired in ZLD V4.73 Patch 2)
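To check a device inventory against the ranges listed above, here is an added example (not Zyxel's code or tooling) that parses version strings and reports which devices fall inside an affected range and which release repairs them. It assumes versions are recorded in the "ZLD V5.36 Patch 1" form used in this article; the function names and the sample inventory are constructed for illustration.

```python
import re

# Affected ranges from the list above: series -> (first affected, last affected, fixed in).
AFFECTED = {
    "ATP": ("V4.32", "V5.36 Patch 1", "V5.36 Patch 2"),
    "USG FLEX": ("V4.50", "V5.36 Patch 1", "V5.36 Patch 2"),
    "USG FLEX50(W) / USG20(W)-VPN": ("V4.25", "V5.36 Patch 1", "V5.36 Patch 2"),
    "VPN": ("V4.30", "V5.36 Patch 1", "V5.36 Patch 2"),
    "ZyWALL/USG": ("V4.25", "V4.73 Patch 1", "V4.73 Patch 2"),
}

# Assumed input format: optional "ZLD", then "V<major>.<minor>", then optional "Patch <n>".
_VERSION = re.compile(r"^\s*(?:ZLD\s+)?V(\d+)\.(\d+)(?:\s+Patch\s+(\d+))?\s*$", re.I)


def parse_version(text):
    """Turn 'ZLD V5.36 Patch 1' into (5, 36, 1); no patch level counts as patch 0."""
    m = _VERSION.match(text)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    return int(m.group(1)), int(m.group(2)), int(m.group(3) or 0)


def triage(series, version):
    """Return (status, fixed_in) for one device; fixed_in is set only when affected."""
    if series not in AFFECTED:
        return "unknown", None          # series not in the list above
    try:
        v = parse_version(version)
    except ValueError:
        return "unknown", None          # do not guess at odd version strings
    first, last, fixed = AFFECTED[series]
    if v < parse_version(first):
        return "older than listed range", None
    if v <= parse_version(last):
        return "affected", fixed
    return "at or past fix", None


if __name__ == "__main__":
    # Constructed sample inventory, not real devices.
    inventory = [("ATP", "ZLD V5.36 Patch 1"), ("USG FLEX", "V5.36 Patch 2"),
                 ("ZyWALL/USG", "V4.73"), ("VPN", "V4.25"), ("VPN", "5.36(ABFW.1)")]
    for series, version in inventory:
        print(f"{series:12} {version:20} -> {triage(series, version)}")
```

A result of "unknown" or "older than listed range" means the list above does not cover that device, so it still needs a manual check against the vendor advisory.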
The company has recommended that users install the updated security patches to protect against attacks. On its Support Campus, Zyxel has also provided step-by-step instructions for its affected VPN partners.
These products are generally used by small and mid-sized businesses, as well as home and remote workers, to protect and secure their networks. Threat actors are always on the lookout for such vulnerabilities, so it is essential that users and system administrators secure their networks with these firmware patches as quickly as possible.