Zyxel has released software updates to address two critical security flaws in its firewall and VPN products that could be abused by remote attackers to gain code execution.
The company says that the flaws, CVE-2023-33009 and CVE-20170130, are buffer overflow vulnerabilities.
It notes that the following devices are impacted:ATP (versions ZLD V4.32 to V5.36 Patch 2)USG FLEX (version ZLD/USG) VPN (versions U.S.50 to USG20(W) / VPN) VPN .VPN
Download here.
Security researchers from TRAPA Security and STAR Labs SG have been credited with discovering and reporting the flaws.
The advisory comes less than a month after Zyxel shipped fixes for another critical security flaw in its firefreens.
It allows an unauthenticated attacker to cause a denial-of-service (DoS) condition and remote code execution on affected systems.
๐ Feeling the vibes?
Keep the good energy going by checking out my Amazon affiliate link for some cool finds! ๐๏ธ
If not, consider contributing to my caffeine supply at Buy Me a Coffee โ๏ธ.
Your clicks = cosmic support for more awesome content! ๐๐
Leave a Reply