October 3, 2023

Zyxel has addressed two critical buffer overflow vulnerabilities, tracked as CVE-2023-33009 and CVE-2023-33010, that affect several of its firewall and VPN products.

A remote, unauthenticated attacker can trigger the flaws to cause a denial-of-service condition and remote code execution on vulnerable devices.

Below are the descriptions of both issues, as provided by the vendor in a security advisory:

CVE-2023-33009 with a CVSS Score of 9.8 is a buffer overflow vulnerability in the notification function in some firewall versions that could allow an unauthenticated attacker to cause denial-of-service conditions and even a remote code execution on an affected device.

CVE-2023-33010 with a CVSS score of 9.8 is also a buffer overflow vulnerability in the ID processing function in some firewall versions that could allow an unauthenticated attacker to cause Denial of Service conditions and even a remote code execution on an affected device.

Administrators are advised to install the security updates the vendor has provided to address the issues.
