Affected series Affected version Patch availability ATP ZLD V4.32 to V5.36 Patch 1 ZLD V5.36 Patch 2 USG FLEX ZLD V4.50 to V5.36 Patch 1 ZLD V5.36 Patch 2 USG FLEX50(W) / USG20(W)-VPN ZLD V4.25 to V5.36 Patch 1 ZLD V5.36 Patch 2 VPN ZLD V4.30 to V5.36 Patch 1 ZLD V5.36 Patch 2 ZyWALL/USG ZLD V4.25 to V4.73 Patch 1 ZLD V4.73 Patch 2 Like its counterpart, CVE-2023-33010 could offer an unauthenticated attacker a similar destructive palette of options: inducing DoS conditions or initiating remote code execution on the ensnared device. This vulnerability resides in the ID processing function of the same list of Zyxel firmware versions. Its sinister twin, CVE-2023-33010, presents a parallel threat. The firmware versions susceptible to this vulnerability are found within Zyxel’s ATP, USG FLEX, VPN, and ZyWALL/USG series. This security flaw, if exploited, could grant an unauthenticated assailant the power to induce a denial-of-service (DoS) condition or even execute remote code on the targeted device. In the vortex of this digital storm, CVE-2023-33009 reveals itself as a buffer overflow vulnerability lurking within the notification function of numerous Zyxel firmware versions. This figure, precariously perched on the high end of the severity scale, is indicative of the potential mayhem these vulnerabilities could wreak if left unchecked. The vulnerabilities, assigned the labels CVE-2023-33009 and CVE-2023-33010, both carry an alarming Common Vulnerability Scoring System (CVSS) score of 9.8. Disable Windows 10 Defender Virus and Threat Protection
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |