Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Vulnerabilities

Critical Vulnerability in Zyxel Firewalls Leads to Command Execution

A critical-severity vulnerability in Zyxel’s ATP, USG FLEX, VPN, and ZyWALL/USG firewalls can be exploited remotely for OS command execution.

Taiwanese network equipment manufacturer Zyxel this week announced patches for a critical-severity vulnerability impacting its ATP, USG FLEX, VPN, and ZyWALL/USG firewalls.

Tracked as CVE-2023-28771 (CVSS score of 9.8), the security defect can be exploited remotely to execute OS commands.

“Improper error message handling in some firewall versions could allow an unauthenticated attacker to execute some OS commands remotely by sending crafted packets to an affected device,” Zyxel explains in its advisory.

The bug impacts ATP, USG FLEX, and VPN firmware versions 4.60 to 5.35, and ZyWALL/USG firmware versions 4.60 to 4.73. Fixes were included in ATP, USG FLEX, and VPN firmware releases 5.36 and ZyWALL/USG firmware version 4.73 Patch 1.

Users are advised to update their firewalls as soon as possible. While the vulnerability does not appear to be exploited in malicious attacks, unpatched Zyxel appliances are known to be targeted by malicious actors.

The firmware updates for ATP, USG FLEX, and VPN firewalls also resolve a high-severity command injection issue. Tracked as CVE-2023-27991, the vulnerability was addressed in USG FLEX 50(W) / USG20(W)-VPN firewalls as well (in firmware version 5.36).

This week, the company also announced fixes for several high-severity flaws in multiple firewalls and access point (AP) models, which could be exploited to cause denial-of-service (DoS) conditions, execute commands, cause a core dump, or retrieve encrypted information of the administrator.

Zyxel resolved the bugs with firmware updates for the impacted firewalls. Firmware updates were released for many AP devices as well, while for others hotfixes are available by request.

Advertisement. Scroll to continue reading.

Users should review Zyxel’s advisory on these vulnerabilities and update their devices if necessary.

Related: Zyxel Patches Critical Vulnerability in NAS Firmware

Related: Technical Details Released for Recently Patched Zyxel Firewall Vulnerabilities

Related: Zyxel Warns Customers of Attacks on Security Appliances

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this event as we dive into threat hunting tools and frameworks, and explore value of threat intelligence data in the defender’s security stack.

Register

Learn how integrating BAS and Automated Penetration Testing empowers security teams to quickly identify and validate threats, enabling prompt response and remediation.

Register

People on the Move

PAM provider Keeper Security has appointed Shane Barney as its Chief Information Security Officer.

SpecterOps has appointed Tim Bender as CFO, Pat Sheridan as CRO, and Bryce Hein as CMO.

CISA has officially announced the appointment of Madhu Gottumukkala as its new deputy director.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.