Zyxel recently discovered two critical vulnerabilities in some of its network devices and urged users to apply the patch immediately.
Both vulnerabilities are buffer overflows that allow denial of service (DoS) attacks and remote code execution (RCE) attacks. Both have been detected in some Zyxel firewall and VPN products and have a severity rating of 9.8 (critical). They are currently being tracked as CVE-2023-33009 and CVE-2023-33010.
“Zyxel has released patches for firewalls that are affected by multiple buffer overflow vulnerabilities,” reads the company’s security advisory. “Users are advised to install them for optimal protection.”
This applies to many devices
To check whether your endpoints are vulnerable, check whether they run any of the following firmware versions:
- Zyxel ATP firmware versions ZLD V4.32 to V5.36 Patch 1 (Fixed in ZLD V5.36 Patch 2)
- Zyxel USG FLEX firmware versions ZLD V4.50 to V5.36 Patch 1 (Fixed in ZLD V5.36 Patch 2)
- Zyxel USG FLEX50(W) / USG20(W)-VPN firmware versions ZLD V4.25 to V5.36 Patch 1 (Fixed in ZLD V5.36 Patch 2)
- Zyxel VPN firmware versions ZLD V4.30 to V5.36 Patch 1 (Fixed in ZLD V5.36 Patch 2)
- Zyxel ZyWALL/USG firmware versions ZLD V4.25 to V4.73 Patch 1 (Fixed in ZLD V4.73 Patch 2)
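The ranges in the list above can be checked against a device inventory with a short script. This is an added example, not code from Zyxel or the original article; the inventory rows, host names, status labels and the "V<major>.<minor> Patch <n>" string format are assumptions based on the notation used in the list.

```python
import re

# Affected ranges from the list above: family -> (first, last, fixed release).
# Versions are (major, minor, patch) tuples; no "Patch N" suffix means patch 0.
AFFECTED = {
    "ATP": ((4, 32, 0), (5, 36, 1), "ZLD V5.36 Patch 2"),
    "USG FLEX": ((4, 50, 0), (5, 36, 1), "ZLD V5.36 Patch 2"),
    "USG FLEX50(W)": ((4, 25, 0), (5, 36, 1), "ZLD V5.36 Patch 2"),
    "USG20(W)-VPN": ((4, 25, 0), (5, 36, 1), "ZLD V5.36 Patch 2"),
    "VPN": ((4, 30, 0), (5, 36, 1), "ZLD V5.36 Patch 2"),
    "ZyWALL/USG": ((4, 25, 0), (4, 73, 1), "ZLD V4.73 Patch 2"),
}
# Assumed string format, taken from the list's notation: "V5.36 Patch 1".
VERSION_RE = re.compile(r"V(\d+)\.(\d+)(?:\s+Patch\s+(\d+))?", re.IGNORECASE)

def parse_version(text):
    """Turn 'ZLD V5.36 Patch 1' into (5, 36, 1)."""
    m = VERSION_RE.search(text)
    if m is None:
        raise ValueError(f"unrecognised firmware version: {text!r}")
    return int(m.group(1)), int(m.group(2)), int(m.group(3) or 0)

def check(family, firmware):
    """Return (status, fixed_in) for one device."""
    if family not in AFFECTED:
        return "unknown", None
    first, last, fixed = AFFECTED[family]
    try:
        version = parse_version(firmware)
    except ValueError:
        return "unknown", fixed      # unparsable: review by hand
    if version < first:
        return "not listed", fixed   # older than the ranges in the list
    if version <= last:
        return "affected", fixed
    return "patched", fixed          # at or beyond the fixed release

# Constructed inventory: (host, product family, firmware string).
INVENTORY = [
    ("fw-branch-01", "ATP", "ZLD V5.36 Patch 1"),
    ("fw-branch-02", "USG FLEX", "ZLD V5.36 Patch 2"),
    ("fw-hq-01", "ZyWALL/USG", "ZLD V4.73"),
    ("vpn-lab-01", "VPN", "build-unknown"),
]

def report(inventory):
    return [(host, *check(family, fw)) for host, family, fw in inventory]

if __name__ == "__main__":
    for host, status, fixed in report(INVENTORY):
        print(f"{host:14} {status:11} fix: {fixed}")
```

Devices reported as "unknown" or "not listed" fall outside what the list covers and need a manual check against the vendor advisory.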
While vendors are usually quick to release patches for major vulnerabilities, organizations are not as scrupulous about applying them, risking data breaches and, in some cases, even ransomware.
Small and medium-sized businesses may be particularly at risk, as they are the typical target market for the affected products, which they use to protect their networks and enable secure access for remote and home workers.
Now that Zyxel has released the patch, cybercriminals will be monitoring the open internet for endpoints running vulnerable versions and will look for opportunities to exploit them.