CVE-2023-33009
Last modified
CVE-2023-33009 is a critical-severity vulnerability rated 9.8/10 on the CVSS scale. A buffer overflow vulnerability in the notification function in Zyxel ATP series firmware versions 4.60 through 5.36 Patch 1, USG FLEX series firmware versions 4.60 through 5.36 Patch 1, USG FLEX 50(W) firmware versions 4.60 through 5.36 Patch 1, USG20(W)-VPN firmware versions 4.60 through 5.36 Patch 1, VPN series firmware versions 4.60 through 5.36 Patch 1, ZyWALL/USG series firmware versions 4.60 through 4.73 Patch 1, could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and even a remote code execution on an affected device.. CISA has confirmed active exploitation in the wild. EPSS estimates a 28.14% chance of exploitation in the next 30 days.
Description
A buffer overflow vulnerability in the notification function in Zyxel ATP series firmware versions 4.60 through 5.36 Patch 1, USG FLEX series firmware versions 4.60 through 5.36 Patch 1, USG FLEX 50(W) firmware versions 4.60 through 5.36 Patch 1, USG20(W)-VPN firmware versions 4.60 through 5.36 Patch 1, VPN series firmware versions 4.60 through 5.36 Patch 1, ZyWALL/USG series firmware versions 4.60 through 4.73 Patch 1, could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and even a remote code execution on an affected device.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitation Status
This vulnerability is listed in CISA’s Known Exploited Vulnerabilities catalog, confirming active exploitation in the wild. Federal agencies must remediate by .
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Zyxel | Atp100 Firmware | >= 4.60, < 5.36 |
| Zyxel | Atp100 Firmware | 5.36 |
| Zyxel | Atp200 Firmware | >= 4.60, < 5.36 |
| Zyxel | Atp200 Firmware | 5.36 |
| Zyxel | Atp500 Firmware | >= 4.60, < 5.36 |
| Zyxel | Atp500 Firmware | 5.36 |
| Zyxel | Atp100w Firmware | >= 4.60, < 5.36 |
| Zyxel | Atp100w Firmware | 5.36 |
| Zyxel | Atp700 Firmware | >= 4.60, < 5.36 |
| Zyxel | Atp700 Firmware | 5.36 |
| Zyxel | Atp800 Firmware | >= 4.60, < 5.36 |
| Zyxel | Atp800 Firmware | 5.36 |
| Zyxel | Usg Flex 100 Firmware | >= 4.60, < 5.36 |
| Zyxel | Usg Flex 100 Firmware | 5.36 |
| Zyxel | Usg Flex 50 Firmware | >= 4.60, < 5.36 |
| Zyxel | Usg Flex 50 Firmware | 5.36 |
| Zyxel | Usg Flex 200 Firmware | >= 4.60, < 5.36 |
| Zyxel | Usg Flex 200 Firmware | 5.36 |
| Zyxel | Usg Flex 500 Firmware | >= 4.60, < 5.36 |
| Zyxel | Usg Flex 500 Firmware | 5.36 |
| Zyxel | Usg Flex 700 Firmware | >= 4.60, < 5.36 |
| Zyxel | Usg Flex 700 Firmware | 5.36 |
| Zyxel | Usg Flex 100w Firmware | >= 4.60, < 5.36 |
| Zyxel | Usg Flex 100w Firmware | 5.36 |
| Zyxel | Usg Flex 50w Firmware | >= 4.60, < 5.36 |
| Zyxel | Usg Flex 50w Firmware | 5.36 |
| Zyxel | Usg 20w-Vpn Firmware | >= 4.60, < 5.36 |
| Zyxel | Usg 20w-Vpn Firmware | 5.36 |
| Zyxel | Vpn100 Firmware | >= 4.60, < 5.36 |
| Zyxel | Vpn100 Firmware | 5.36 |
| Zyxel | Vpn50 Firmware | >= 4.60, < 5.36 |
| Zyxel | Vpn50 Firmware | 5.36 |
| Zyxel | Vpn300 Firmware | >= 4.60, < 5.36 |
| Zyxel | Vpn300 Firmware | 5.36 |
| Zyxel | Vpn1000 Firmware | >= 4.60, < 5.36 |
| Zyxel | Vpn1000 Firmware | 5.36 |
| Zyxel | Usg20-Vpn Firmware | >= 4.60, < 5.36 |
| Zyxel | Usg20-Vpn Firmware | 5.36 |
| Zyxel | Usg 40 Firmware | >= 4.60, < 4.73 |
| Zyxel | Usg 40 Firmware | 4.73 |
| Zyxel | Usg 40w Firmware | >= 4.60, < 4.73 |
| Zyxel | Usg 40w Firmware | 4.73 |
| Zyxel | Usg 60w Firmware | >= 4.60, < 4.73 |
| Zyxel | Usg 60w Firmware | 4.73 |
| Zyxel | Usg 60 Firmware | >= 4.60, < 4.73 |
| Zyxel | Usg 60 Firmware | 4.73 |
References
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-33009US Government Resource
Timeline
- Published
- Last Modified
- Status
- Analyzed
Frequently Asked Questions
What is CVE-2023-33009?
How severe is CVE-2023-33009?
How do I fix CVE-2023-33009?
Are you affected by CVE-2023-33009?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST