Lucene search

[email protected]CVE-2023-22917

HistoryApr 24, 2023 - 5:15 p.m.

CVE-2023-22917

2023-04-2417:15:09

CWE-120

[email protected]

web.nvd.nist.gov

cve-2023-22917

buffer overflow

zyxel atp

usg flex

remote attack

unauthenticated

core dump

vulnerability

security advisory

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.6 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

51.9%

JSON

A buffer overflow vulnerability in the “sdwan_iface_ipc” binary of Zyxel ATP series firmware versions 5.10 through 5.32, USG FLEX series firmware versions 5.00 through 5.32, USG FLEX 50(W) firmware versions 5.10 through 5.32, USG20(W)-VPN firmware versions 5.10 through 5.32, and VPN series firmware versions 5.00 through 5.35, which could allow a remote unauthenticated attacker to cause a core dump with a request error message on a vulnerable device by uploading a crafted configuration file.

Affected configurations

NVD

Node

zyxelusg_flex_100_firmwareRange5.00–5.32

AND

zyxelusg_flex_100Match-

Node

zyxelusg_flex_100w_firmwareRange5.00–5.32

AND

zyxelusg_flex_100wMatch-

Node

zyxelusg_flex_200_firmwareRange5.00–5.32

AND

zyxelusg_flex_200Match-

Node

zyxelusg_flex_50_firmwareRange5.00–5.32

AND

zyxelusg_flex_50Match-

Node

zyxelusg_flex_50w_firmwareRange5.10–5.32

AND

zyxelusg_flex_50wMatch-

Node

zyxelusg_flex_500_firmwareRange5.00–5.32

AND

zyxelusg_flex_500Match-

Node

zyxelusg_flex_700_firmwareRange5.00–5.32

AND

zyxelusg_flex_700Match-

Node

zyxelvpn100_firmwareRange5.00–5.35

AND

zyxelvpn100Match-

Node

zyxelvpn1000_firmwareRange5.00–5.35

AND

zyxelvpn1000Match-

Node

zyxelvpn300_firmwareRange5.00–5.35

AND

zyxelvpn300Match-

Node

zyxelvpn50_firmwareRange5.00–5.35

AND

zyxelvpn50Match-

Node

zyxelusg_20w-vpn_firmwareRange5.10–5.32

AND

zyxelusg_20w-vpnMatch-

Node

zyxelatp100_firmwareRange5.10–5.32

AND

zyxelatp100Match-

Node

zyxelatp100w_firmwareRange5.10–5.32

AND

zyxelatp100wMatch-

Node

zyxelatp200_firmwareRange5.10–5.32

AND

zyxelatp200Match-

Node

zyxelatp500_firmwareRange5.10–5.32

AND

zyxelatp500Match-

Node

zyxelatp700_firmwareRange5.10–5.32

AND

zyxelatp700Match-

Node

zyxelatp800_firmwareRange5.10–5.32

AND

zyxelatp800Match-

CPENameOperatorVersion
zyxel:usg_flex_100_firmwarezyxel usg flex 100 firmwarele5.32

CPE	Name	Operator	Version
zyxel:usg_flex_100_firmware	zyxel usg flex 100 firmware	le	5.32

CNA Affected

[
  {
    "vendor": "Zyxel",
    "product": "ATP series firmware",
    "versions": [
      {
        "version": "5.10 through 5.32",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Zyxel",
    "product": "USG FLEX series firmware",
    "versions": [
      {
        "version": "5.00 through 5.32",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Zyxel",
    "product": "USG FLEX 50(W) firmware",
    "versions": [
      {
        "version": "5.10 through 5.32",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Zyxel",
    "product": "USG20(W)-VPN firmware",
    "versions": [
      {
        "version": "5.10 through 5.32",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Zyxel",
    "product": "VPN series firmware",
    "versions": [
      {
        "version": "5.00 through 5.35",
        "status": "affected"
      }
    ]
  }
]

References

www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-of-firewalls-and-aps

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.6 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

51.9%

JSON

Related for CVE-2023-22917

cvelist1 prion1 nvd1