CVE-2019-15802

Name: CVE-2019-15802
Creator: NVD / NIST
Published: 2019-11-14T21:15:11.797+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

MEDIUMCVSS 5.9/10EPSS 1.50%

Last modified Jun 17, 2026

CVE-2019-15802 is a medium-severity vulnerability rated 5.9/10 on the CVSS scale. An issue was discovered on Zyxel GS1900 devices with firmware before 2.50(AAHH.0)C0. The firmware hashes and encrypts passwords using a hardcoded cryptographic key in sal_util_str_encrypt() in libsal.so.0.0. EPSS estimates a 1.50% chance of exploitation in the next 30 days.

Description

An issue was discovered on Zyxel GS1900 devices with firmware before 2.50(AAHH.0)C0. The firmware hashes and encrypts passwords using a hardcoded cryptographic key in sal_util_str_encrypt() in libsal.so.0.0. The parameters (salt, IV, and key data) are used to encrypt and decrypt all passwords using AES256 in CBC mode. With the parameters known, all previously encrypted passwords can be decrypted. This includes the passwords that are part of configuration backups or otherwise embedded as part of the firmware.

Metrics

CVSS 3.1

5.9/10

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS Probability

1.50%

71.0th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-798

Affected Software

Vendor	Product	Versions
Zyxel	Gs1900-8 Firmware	< 2.50\(aahh.0\)c0
Zyxel	Gs1900-8hp Firmware	< 2.50\(aahi.0\)c0
Zyxel	Gs1900-10hp Firmware	< 2.50\(aazi.0\)c0
Zyxel	Gs1900-16 Firmware	< 2.50\(aahj.0\)c0
Zyxel	Gs1900-24e Firmware	< 2.50\(aahk.0\)c0
Zyxel	Gs1900-24 Firmware	< 2.50\(aahl.0\)c0
Zyxel	Gs1900-24hp Firmware	< 2.50\(aahm.0\)c0
Zyxel	Gs1900-48 Firmware	< 2.50\(aahn.0\)c0
Zyxel	Gs1900-48hp Firmware	< 2.50\(aaho.0\)c0

References

https://jasper.la/exploring-zyxel-gs1900-firmware-with-ghidra.htmlExploit, Third Party Advisory
https://www.zyxel.com/support/gs1900-switch-vulnerabilities.shtmlVendor Advisory
https://jasper.la/exploring-zyxel-gs1900-firmware-with-ghidra.htmlExploit, Third Party Advisory
https://www.zyxel.com/support/gs1900-switch-vulnerabilities.shtmlVendor Advisory

Timeline

Published: Nov 14, 2019
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2019-15802?

How severe is CVE-2019-15802?

CVE-2019-15802 has a CVSS score of 5.9/10 (MEDIUM severity). The EPSS model estimates a 1.50% probability of exploitation in the next 30 days.

How do I fix CVE-2019-15802?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2019-15802?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST