ZLD4.73 & ZLD5.36 patch 2 Official Version Released to address Buffer Overflow Issues
Dear Community members.
We have been notified several VPN connection related issues and network interruptions reported to us currently. In response to this issue, we have expedited the development of firmware applicable to all models, which is intended to address and promptly rectify the situation.They are available for immediate downloads in below link
USG FLEX/ATP/VPN Series (Release date: May, 2023)
USG FLEX 50
USG FLEX 50W
USG FLEX 100
USG FLEX 100W
USG FLEX 200
USG FLEX 500
USG FLEX 700
USG/ZyWALL Series (Release date: May, 2023)
I can't reach the web console of the usg flex 100, how can I update the firmware? Do I necessarily have to reset it?0
Please check the supportpage of Zyxel EMEA, there you find ann FAQ covering your issue:
Hello, all out of a sudden 1 after another of our firewalls aren't reachable through console or do not have internetaccess, this in the past hour.
However automatic firmware updating is disabled, is this something that has been pushed and now causes big problems?0
Please check the information and follow the guides indicated on our Zyxel EMEA Support Portal:
You might need to reboot your device to get access to stabilize it first and being able to access it. If you still have issues, please feel free to contact our Zyxel EMEA Support team on https://support.zyxel.eu0
This of course wasn't my question, I do know of the hotfix. My question is: why is this happening on al our firewall's at the same time when automatic updating is disabled? We have 50 ZyXEL FLEX Firewalls(mostly 100/200 and couple of 50/500's) running, 34 USG40/60 and 6 ZyWALL 110!! Many of them with (L2TP over) IPSEC tunnels configured… This is dramatic if we have to update all 90 of them on site.1
We also have circa 3 USG40W and 3 USG60 deployed and half of them are affected by this incident. USG40W becomes totally unreachable after about 2 hours and USG60 is reachable, however it drops all VPN connections after a couple of minutes.
PS: To mitigate the issue until we can update the FW on-site, it helped to limit WAN ports for VPN using Geo-IPs (in Policy Rules).0
It shouldn't be force upgrade on your device, are all your on-cloud devices be upgraded automatically? Would you share your org information with us in private message and we'd like to learn more from it.
We deeply apologized for certain inconvenience happened to you.
Will do that shortly. But now we have upgraded couple of the most urgent ones with site 2 site connections (14 devices have site 2 site, client to site think we have like 20 of those) to the firmware I downloaded above for FLEX 200 (V5.36(ABUI.1)ITS-23WK21-r109592 / 2023-05-23 18:54:50) which is V5.36 Patch 1.
Now we receive a mail from ZyXEL which shows me this:
Please don't tell me that Patch 1 is impacted as well??0
@nielsscheldeman The FW version you have applied (V5.36(ABUI.1)ITS-23WK21-r109592 / 2023-05-23 18:54:50) isn't "Patch 1", but a "Patch-1 Hotfix-23WK21" firmware which should be the same as Patch 2 (which is the official FW bundle).1
I've got several IPSEC VPN with a center USG210 and the branches are on old USG20 series (7)
Is there a fix or a method to mount the VPN since the hotfix.
I've already installer the fix for the USG210 but the others usg20 are stuck and the VPN won't lift.0
- 8.5K All Categories
- 1.6K Nebula
- 72 Nebula Ideas
- 57 Nebula Status and Incidents
- 4.5K Security
- 227 Security Ideas
- 985 Switch
- 46 Switch Ideas
- 882 WirelessLAN
- 24 WLAN Ideas
- 5.1K Consumer Product
- 158 Service & License
- 280 News and Release
- 99 Success Stories
- 61 Security Advisories
- 13 Education Center
- 581 FAQ
- 263 Nebula FAQ
- 160 Security FAQ
- 76 Switch FAQ
- 75 WirelessLAN FAQ
- 7 Consumer Product FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 62 About Community
- 46 Security Highlight