Pierluigi Paganini February 27, 2024
Taiwanese networking vendor Zyxel addressed four vulnerabilities, respectively tracked as CVE-2023-6397, CVE-2023-6398, CVE-2023-6399, and CVE-2023-6764, in its firewalls and access points.
The flaws can be exploited by threat actors to carry out command injection and denial-of-service attacks and to achieve remote code execution.
Below is the list of the flaws addressed by the company:
Below are the lists of impacted devices:
Firewall series | Affected version | Patch availability | |||
---|---|---|---|---|---|
CVE-2023-6397 | CVE-2023-6398 | CVE-2023-6399 | CVE-2023-6764 | ||
ATP | ZLD V4.32 to V5.37 Patch 1 | ZLD V4.32 to V5.37 Patch 1 | ZLD V5.10 to V5.37 Patch 1 | ZLD V4.32 to V5.37 Patch 1 | ZLD V5.37 Patch 2 |
USG FLEX | ZLD V4.50 to V5.37 Patch 1 | ZLD V4.50 to V5.37 Patch 1 | ZLD V5.10 to V5.37 Patch 1 | ZLD V4.50 to V5.37 Patch 1 | ZLD V5.37 Patch 2 |
USG FLEX 50(W)/USG20(W)-VPN | Not affected | ZLD V4.16 to V5.37 Patch 1 | ZLD V5.10 to V5.37 Patch 1 | ZLD V4.16 to V5.37 Patch 1 | ZLD V5.37 Patch 2 |
USG FLEX H | Not affected | uOS V1.10 to V1.10 Patch 1 | uOS V1.10 to V1.10 Patch 1 | Not affected | Hotfix is available* Standard patch uOS V1.20 in April 2024 |
Table 2. APs affected by CVE-2023-6398
AP model | Affected version | Patch availability |
---|---|---|
NWA50AX | 6.29(ABYW.3) and earlier | 6.29(ABYW.4) |
NWA55AXE | 6.29(ABZL.3) and earlier | 6.29(ABZL.4) |
NWA90AX | 6.29(ACCV.3) and earlier | 6.29(ACCV.4) |
NWA110AX | 6.65(ABTG.1) and earlier | 6.70(ABTG.2) |
NWA210AX | 6.65(ABTD.1) and earlier | 6.70(ABTD.2) |
NWA220AX-6E | 6.65(ACCO.1) and earlier | 6.70(ACCO.1) |
NWA1123ACv3 | 6.65(ABVT.1) and earlier | 6.70(ABVT.1) |
WAC500 | 6.65(ABVS.1) and earlier | 6.70(ABVS.1) |
WAC500H | 6.65(ABWA.1) and earlier | 6.70(ABWA.1) |
WAX300H | 6.60(ACHF.1) and earlier | 6.70(ACHF.1) |
WAX510D | 6.65(ABTF.1) and earlier | 6.70(ABTF.2) |
WAX610D | 6.65(ABTE.1) and earlier | 6.70(ABTE.2) |
WAX620D-6E | 6.65(ACCN.1) and earlier | 6.70(ACCN.1) |
WAX630S | 6.65(ABZD.1) and earlier | 6.70(ABZD.2) |
WAX640S-6E | 6.65(ACCM.1) and earlier | 6.70(ACCM.1) |
WAX650S | 6.65(ABRM.1) and earlier | 6.70(ABRM.2) |
WAX655E | 6.65(ACDO.1) and earlier | 6.70(ACDO.1) |
WBE660S | 6.65(ACGG.1) and earlier | 6.70(ACGG.2) |
NWA50AX-PRO | 6.65(ACGE.1) and earlier | Hotfix is available upon request* Standard patch 6.80(ACGE.0) in July 2024 |
NWA90AX-PRO | 6.65(ACGF.1) and earlier | Hotfix is available upon request* Standard patch 6.80(ACGF.0) in July 2024 |
The Taiwanese vendor acknowledged Lays and atdog from TRAPA Security for reporting these flaws.
Customers are recommended to install the security patches as soon as possible.
Follow me on Twitter: @securityaffairs and Facebook
(SecurityAffairs – hacking, cyberattack)