Total Communications InfoSec 2023 Karachi, Pakistan
July 20, 2023Rewterz Threat Advisory – ICS: Rockwell Automation ThinManager ThinServer Vulnerability
July 21, 2023Total Communications InfoSec 2023 Karachi, Pakistan
July 20, 2023Rewterz Threat Advisory – ICS: Rockwell Automation ThinManager ThinServer Vulnerability
July 21, 2023Severity
High
Analysis Summary
CVE-2023-28767
Multiple Zyxel devices could allow a remote attacker to execute arbitrary commands on the system, caused by improper input validation by the configuration parser when the cloud management mode is enabled. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system.
Impact
- Command Execution
Indicators Of Compromise
CVE
- CVE-2023-28767
Affected Vendors
Zyxel
Affected Products
- Zyxel ATP ZLD 5.10
- Zyxel USG FLEX ZLD 5.00
- Zyxel VPN ZLD 5.00
- Zyxel USG FLEX 50(W) / USG20(W)-VPN ZLD 5.10
- Zyxel ATP ZLD 5.36
- Zyxel USG FLEX ZLD 5.36
- Zyxel USG FLEX 50(W) / USG20(W)-VPN ZLD 5.36
- Zyxel VPN ZLD 5.36
Remediation
Refer to Zyxel Web site for patch, upgrade or suggested workaround information.