CVE Catalog

Actively exploited in the wild

Zyxel Multiple Firewalls Buffer Overflow Vulnerability

Zyxel — Multiple Firewalls · Listed in the CISA KEV since 2023-06-05. This indicates confirmed attacks in production environments.

Required action: Apply updates per vendor instructions.

CVE-2023-33009

Critical · CVSS 9.8 · KEV

Exploitation Probability (EPSS)

Very high risk
28.14%

98th percentile — higher than 98% of all known CVEs

Summary

CVE-2023-33009 describes a buffer overflow vulnerability in the notification function in the firmware of Zyxel ATP series, USG FLEX series, USG20(W)-VPN, VPN series, and ZyWALL/USG series. This could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and even remote code execution on an affected device.

Risk Assessment

The risk to the organization includes the potential for remote code execution and denial-of-service, which could lead to significant disruptions in system operations.

Recommendation

Update the firmware to the latest version to mitigate this vulnerability, and monitor systems for unauthorized activity.

Original NVD description (English source)

A buffer overflow vulnerability in the notification function in Zyxel ATP series firmware versions 4.60 through 5.36 Patch 1, USG FLEX series firmware versions 4.60 through 5.36 Patch 1, USG FLEX 50(W) firmware versions 4.60 through 5.36 Patch 1, USG20(W)-VPN firmware versions 4.60 through 5.36 Patch 1, VPN series firmware versions 4.60 through 5.36 Patch 1, ZyWALL/USG series firmware versions 4.60 through 4.73 Patch 1, could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and even a remote code execution on an affected device.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS