2023/05/23 Urgent Patch Firmware Released to address Buffer Overflow Issues
Ally Member
i have just received a notification that a zero day buffer overflow is being widely exploited against Zyxel firewalls.
Please immediately publish the information known so far to mitigate the threat.
Which service is affected?
Is there IOC for these attacks?
Thanks
Mario
All Replies
-
By the way: The fixed firmware can be found at the following link:
https://onedrive.live.com/?authkey=%21ABWbXyqWe9ilNPE&id=A33C4D75C38DDF7D%2129181&cid=A33C4D75C38DDF7D
0 -
The issue has fixed by firmware. You can download firmware by this thread.
0 -
Thanks for your feedback.
Since zyxel was able to create a fix for the problem, it must be obvious where the problem is?
Over which port / service is the attack taking place?0 -
ATP100 Not working. File damage.
0 -
Additional information can be found at zyxel EMEA
https://support.zyxel.eu/hc/en-us/articles/11616709217810
0 -
Today an USG40W (with SSL VPN enabled) strated freezing up and needed to be restarted manually every 4-5 hours. The unit has had an uptime of over a year without any problems up until today, so I guess this is not a coincidence?
0 -
With an uptime of more than a year, the firewall will still have an old affected firmware on it. Perform a firmware update
0 -
USG40W, ATP100 are also affected. I suggest you upgrade to the latest release. You may reboot the device if the device became irresponsible. Downlink link
Based on our investigation so far, VPN service is the target. The attack is on service port 500.
0 -
I know you are affected. But the firmware of atp100 does not work.
When I reboot after 20 minutes it still has the corrupted firmware
0 -
If you cannot upgrade the firmware successfully, please
STEP1. Download and back up the current running startup-config.conf file. from MAINTENANCE > File Manager > Configuration File.
STEP2. Reboot to the standby partition.
STEP3. Apply the current running startup-config.conf file.
STEP4. Update to our latest firmware V5.36P2.
I suggest you do it nearby the device0
Zyxel Employee
ZCNE Certified
Freshman Member
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 144 Nebula Ideas
- 94 Nebula Status and Incidents
- 5.6K Security
- 237 USG FLEX H Series
- 267 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.3K Consumer Product
- 247 Service & License
- 384 News and Release
- 83 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.2K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 71 Security Highlight
