Recently, Zyxel, the networking equipment manufacturer, has issued critical security patches for its firewall devices to fix a vulnerability allowing RCE on the affected systems.
This RCE vulnerability, tracked as “CVE-2023-28771,” was discovered by TRAPA Security, and on the CVSS scoring system, it has been rated 9.8 with a “Critical” severity tag.
Products Affected
Here below, we have mentioned the products that are impacted by this flaw:-
- ATP (Affected versions: ZLD V4.60 to V5.35, Patched version: ZLD V5.36)
- USG FLEX (Affected versions: ZLD V4.60 to V5.35, Patched version: ZLD V5.36)
- VPN (Affected versions: ZLD V4.60 to V5.35, Patched version: ZLD V5.36)
- ZyWALL/USG (Affected versions: ZLD V4.60 to V4.73, Patched version: ZLD V4.73 Patch 1)
By exploiting this vulnerability, unauthenticated attackers can execute OS commands on an affected device by sending specially crafted packets due to improper error message handling in certain firewall versions.
Moreover, Zyxel has addressed one medium-severity bug and five high-severity vulnerabilities that impact multiple firewalls and access point devices.
While these vulnerabilities may result in the activation of code execution and DoS situations.
The credit for reporting the issues has been given to Nikita Abramov of Positive Technologies, a cybersecurity company based in Russia.
Additionally, Zyxel urged users to contact their local service rep or visit Zyxel’s Community for further information or assistance.
Source: https://cybersecuritynews.com/zyxel-firewall-vulnerability/