Lucene search

ZyxelCVE-2023-4398

HistoryNov 28, 2023 - 2:15 a.m.

CVE-2023-4398

2023-11-2802:15:43

CWE-190

Zyxel

web.nvd.nist.gov

cve-2023-4398

integer overflow

quicksec

ipsec toolkit

zyxel

vpn

denial-of-service

dos

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.6

Confidence

High

EPSS

0.001

Percentile

20.5%

JSON

An integer overflow vulnerability in the source code of the QuickSec IPSec toolkit used in the VPN feature of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, and VPN series firmware versions 4.30 through 5.37, could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions on an affected device by sending a crafted IKE packet.

Affected configurations

Nvd

Node

zyxelzldRange4.32–5.37

AND

zyxelatp100Match-

zyxelatp100wMatch-

zyxelatp200Match-

zyxelatp500Match-

zyxelatp700Match-

zyxelatp800Match-

Node

zyxelzldRange4.50–5.37

AND

zyxelusg_flex_100Match-

zyxelusg_flex_100wMatch-

zyxelusg_flex_200Match-

zyxelusg_flex_50Match-

zyxelusg_flex_500Match-

zyxelusg_flex_50wMatch-

zyxelusg_flex_700Match-

Node

zyxelzldRange4.16–5.37

AND

zyxelusg_20w-vpnMatch-

zyxelvpn50wMatch-

Node

zyxelzldRange4.30–5.37

AND

zyxelvpn100Match-

zyxelvpn1000Match-

zyxelvpn300Match-

zyxelvpn50Match-

VendorProductVersionCPE
zyxelzld*cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*
zyxelatp100-cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*
zyxelatp100w-cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*
zyxelatp200-cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*
zyxelatp500-cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*
zyxelatp700-cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*
zyxelatp800-cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*
zyxelusg_flex_100-cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*
zyxelusg_flex_100w-cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*
zyxelusg_flex_200-cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
zyxel	zld	*	cpe:2.3:o:zyxel:zld::::::::
zyxel	atp100	-	cpe:2.3:h:zyxel:atp100:-:::::::*
zyxel	atp100w	-	cpe:2.3:h:zyxel:atp100w:-:::::::*
zyxel	atp200	-	cpe:2.3:h:zyxel:atp200:-:::::::*
zyxel	atp500	-	cpe:2.3:h:zyxel:atp500:-:::::::*
zyxel	atp700	-	cpe:2.3:h:zyxel:atp700:-:::::::*
zyxel	atp800	-	cpe:2.3:h:zyxel:atp800:-:::::::*
zyxel	usg_flex_100	-	cpe:2.3:h:zyxel:usg_flex_100:-:::::::*
zyxel	usg_flex_100w	-	cpe:2.3:h:zyxel:usg_flex_100w:-:::::::*
zyxel	usg_flex_200	-	cpe:2.3:h:zyxel:usg_flex_200:-:::::::*

Rows per page:

1-10 of 201

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "ATP series firmware",
    "vendor": "Zyxel",
    "versions": [
      {
        "status": "affected",
        "version": "versions 4.32 through 5.37"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "USG FLEX series firmware",
    "vendor": "Zyxel",
    "versions": [
      {
        "status": "affected",
        "version": "versions 4.50 through 5.37"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "USG FLEX 50(W) series firmware",
    "vendor": "Zyxel",
    "versions": [
      {
        "status": "affected",
        "version": "versions 4.16 through 5.37"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "USG20(W)-VPN series firmware",
    "vendor": "Zyxel",
    "versions": [
      {
        "status": "affected",
        "version": "versions 4.16 through 5.37"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "VPN series firmware",
    "vendor": "Zyxel",
    "versions": [
      {
        "status": "affected",
        "version": "versions 4.30 through 5.37"
      }
    ]
  }
]

References

www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.6

Confidence

High

EPSS

0.001

Percentile

20.5%

JSON

Related for CVE-2023-4398