Critical Security Flaw Found in Zyxel Firewall Devices: What You Need to Know and How to Protect Your Network
A popular networking equipment manufacturer, Zyxel, recently announced that its firewall devices have been found vulnerable to a critical security flaw that could lead to remote code execution on impacted systems. According to TRAPA Security researchers, the flaw has a CVSS score of 9.8.
The vulnerability, known as CVE-2023-28771, is particularly severe as it arises from improper error message handling in some firewall versions, allowing an attacker to remotely execute OS commands via crafted packets, even without authentication. Devices impacted by this flaw include ATP, USG FLEX, VPN, and ZyWALL/USG, running on versions ZLD V4.60 to V5.35.
Besides, Zyxel also addressed a high-severity post-authentication command injection vulnerability affecting certain firewall versions (CVE-2023-27991, CVSS score: 8.8), which could allow authenticated attackers to execute OS commands remotely. The vulnerability was resolved in ZLD V5.36. Both these vulnerabilities could result in the execution of arbitrary code remotely and cause a denial-of-service (DoS) condition.
Lastly, Zyxel has issued patches for five high-severity flaws that impact several firewalls and access point (AP) devices (CVE-2023-22913 to CVE-2023-22918). The most severe of these flaws, CVE-2022-43389, is a buffer overflow vulnerability affecting 5G NR/4G LTE CPE devices. Positive Technologies discovered these issues.
It's crucial to prioritize network infrastructure security to protect your organization from potential risks such as remote code execution. Applying the available patches immediately is strongly recommended.
In addition to patching your systems, it's essential to engage with risk-based vulnerability services to assess your organization's security posture and identify any potential vulnerabilities. By proactively addressing vulnerabilities, you can minimize the risk of a security breach and safeguard your organization's critical assets.
At Armoryze, we offer cutting-edge vulnerability management services that employ advanced technology and skilled analysts to detect, prioritize, and remediate vulnerabilities across your network. Our services provide the visibility and insights required to manage your organization's cybersecurity risks proactively.
Don't wait until it's too late to address vulnerabilities in your network. Contact Armoryze today to learn more about our risk-based vulnerability management services and how we can help protect your business from the latest threats.