December 6, 2023
Severity
Medium
Analysis Summary
CVE-2023-4397 CVSS: 4.4
Zyxel products are vulnerable to a denial of service, caused by a buffer overflow. By using a specially crafted string, a local authenticated attacker could exploit this vulnerability to cause a denial of service.
CVE-2023-35136 CVSS: 5.5
Zyxel ATP and USG FLEX series devices could allow a local authenticated attacker to obtain sensitive information, caused by improper validation of user-supplied input by the Quagga package. An attacker could exploit this vulnerability to obtain sensitive information and use it to launch further attacks against the affected system.
CVE-2023-35139 CVSS: 5.2
Zyxel ATP and USG FLEX series devices are vulnerable to cross-site scripting, caused by improper validation of user-supplied input by a specific CGI used for dumping ZTP logs. A remote attacker could exploit this vulnerability to inject malicious script into a web page, which would be executed in a victim's web browser within the security context of the hosting website once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials.
CVE-2023-37926 CVSS: 5.5
Zyxel ATP and USG FLEX series devices are vulnerable to a denial of service, caused by a buffer overflow. By executing the CLI command that dumps system logs on an affected device, a local authenticated attacker could exploit this vulnerability to cause a denial of service.
CVE-2023-5960 CVSS: 5.5
Zyxel USG FLEX series devices could allow a remote attacker to obtain sensitive information, caused by improper privilege management in the hotspot feature. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information and use it to launch further attacks against the affected system.
CVE-2023-37925 CVSS: 5.5
Zyxel ATP and USG FLEX series devices could allow a local authenticated attacker to obtain sensitive information, caused by improper privilege management in the debug CLI command. An attacker could exploit this vulnerability to obtain sensitive information and use it to launch further attacks against the affected system.
CVE-2023-4398 CVSS: 7.5
Zyxel products are vulnerable to a denial of service, caused by an integer overflow in the QuickSec IPSec toolkit. By sending a specially crafted IKE packet, a remote attacker could exploit this vulnerability to cause a denial of service.
CVE-2023-5797 CVSS: 5.5
Zyxel USG FLEX series devices could allow a remote attacker to obtain sensitive information, caused by improper privilege management in the debug CLI command. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information and use it to launch further attacks against the affected system.
CVE-2023-5650 CVSS: 5.5
Zyxel USG FLEX series devices could allow a remote attacker to bypass security restrictions, caused by improper privilege management in the ZySH. By sending a specially crafted request, an attacker could exploit this vulnerability to modify the URL of the registration page in the web GUI of an affected device.
CVE-2023-5593 CVSS: 7.8
Zyxel SecuExtender SSL VPN Client could allow a local authenticated attacker to gain elevated privileges on the system, caused by an out-of-bounds write flaw. By sending a specially crafted CREATE message, an authenticated attacker could exploit this vulnerability to gain elevated privileges.
CVE-2023-35140 CVSS: 5.5
Zyxel GS1900 series switches could allow a local authenticated attacker to bypass security restrictions, caused by improper privilege management. By sending a specially crafted request, an attacker could exploit this vulnerability to modify system settings.
Impact
- Denial of Service
- Information Disclosure
- Cross-Site Scripting
- Security Bypass
- Privilege Escalation
Indicators Of Compromise
CVE
- CVE-2023-4397
- CVE-2023-35136
- CVE-2023-35139
- CVE-2023-37926
- CVE-2023-5960
- CVE-2023-37925
- CVE-2023-4398
- CVE-2023-5797
- CVE-2023-5650
- CVE-2023-5593
- CVE-2023-35140
Affected Vendors
Zyxel
Affected Products
- Zyxel USG FLEX ZLD 4.50
- Zyxel ATP series 5.10
- Zyxel ATP series 5.37
- Zyxel USG FLEX 50(W) 5.37
- Zyxel USG20(W)-VPN 5.37
- Zyxel USG FLEX 50(W) 5.10
- Zyxel USG20(W)-VPN 5.10
- Zyxel VPN 5.00
- Zyxel VPN 5.37
- Zyxel USG FLEX ZLD 5.37
- Zyxel USG FLEX 5.20
- Zyxel USG FLEX 50(W) 4.16
- Zyxel USG20(W)-VPN 4.16
- Zyxel ATP series 4.32
- Zyxel VPN Series 4.30
- Zyxel USG FLEX 50(W) 5.30
- Zyxel USG20(W)-VPN 5.30
- Zyxel ATP series 5.30
- Zyxel VPN Series 5.30
- Zyxel SecuExtender SSL VPN Client 4.0.4.0
- Zyxel GS1900-8 2.70(AAHH.5)
- Zyxel GS1900-8HP 2.70(AAHI.5)
- Zyxel GS1900-10HP 2.70(AAZI.5)
- Zyxel GS1900-16 2.70(AAHJ.5)
- Zyxel GS1900-24 2.70(AAHL.5)
- Zyxel GS1900-24E 2.70(AAHK.5)
- Zyxel GS1900-24EP 2.70(ABTO.5)
- Zyxel GS1900-24HPv2 2.70(ABTP.5)
- Zyxel GS1900-48 2.70(AAHN.5)
Remediation
Refer to the Zyxel website for patch, upgrade, or suggested workaround information.