Zyxel Patches a Critical RCE Vulnerability Affecting its Firewall Devices

April 30, 2023

Zyxel has released a security advisory addressing a critical Remote Code Execution (RCE) vulnerability affecting its Firewall devices.

Zyxel has also fixed several high-severity vulnerabilities in its firewalls that could result in denial-of-service (DoS), command execution, core dump, and encrypted information retrieval. All vulnerabilities were patched in the same update. 

The Critical Vulnerability

  •  CVE-2023-28771 (CVSS: 9.8 – critical) – An RCE vulnerability in Zyxel firewall devices. Improper error message handling in the specific devices could allow an unauthenticated remote threat actor to execute some OS commands by sending crafted packets to an affected device.

Vulnerable Products

  • ATP versions ZLD V4.60 to V5.35.
  • USG FLEX versions ZLD V4.60 to V5.35.
  • VPN versions ZLD V4.60 to V5.35.
  • ZyWALL/USG versions ZLD V4.60 to V4.73.
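
The version ranges above, turned into an inventory triage check. This is an added example, not code from Zyxel or CYREBRO; the inventory rows, hostnames, and the `V5.35(ABCD.0)` version-string shape are constructed assumptions.

```python
import re

# Affected ZLD ranges exactly as listed on this page (inclusive bounds).
AFFECTED = {
    "ATP": ((4, 60), (5, 35)),
    "USG FLEX": ((4, 60), (5, 35)),
    "VPN": ((4, 60), (5, 35)),
    "ZYWALL/USG": ((4, 60), (4, 73)),
}

# Assumed string shape: optional "ZLD", "V<major>.<minor>", optional "(build)" suffix.
_VERSION = re.compile(r"^\s*(?:ZLD\s*)?V?(\d+)\.(\d+)(?:\s*\(.*\))?\s*$", re.IGNORECASE)


def parse_version(text):
    """Return (major, minor), or None when the string does not match the assumed shape."""
    m = _VERSION.match(text or "")
    return (int(m.group(1)), int(m.group(2))) if m else None


def triage(series, version):
    """Classify one device as 'affected', 'not-in-range', or 'unknown'."""
    bounds = AFFECTED.get(" ".join(series.upper().split()))
    parsed = parse_version(version)
    if bounds is None or parsed is None:
        return "unknown"  # unlisted series or unreadable version: check by hand
    low, high = bounds
    return "affected" if low <= parsed <= high else "not-in-range"


# Constructed inventory rows (hostname, series, firmware string); not real devices.
INVENTORY = [
    ("fw-branch-01", "USG FLEX", "V5.35(ABCD.0)"),
    ("fw-branch-02", "ATP", "ZLD V5.36"),
    ("fw-hq-01", "ZyWALL/USG", "V4.73"),
    ("fw-hq-02", "VPN", "V4.35"),
    ("fw-lab-01", "OTHER-SERIES", "V1.00"),
    ("fw-lab-02", "ATP", "unknown"),
]


def report(inventory=INVENTORY):
    """Map each hostname to its triage result."""
    return {host: triage(series, ver) for host, series, ver in inventory}


if __name__ == "__main__":
    for host, status in report().items():
        print(f"{host:14} {status}")
```

A `not-in-range` result only means the version falls outside the ranges listed here; confirm the fixed firmware release against the Zyxel advisory.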

Mitigation

CYREBRO recommends updating all affected products to the latest firmware versions.

References: Zyxel Advisory