Is USG50 vulnerable? CVE-2020-9054
Freshman MemberComments
-
Has anybody already installed the
CVE-2020-9054 patch on an USG device? Any problems to be expected?
0 -
Just installed the patch on our USG110. But contrary to the name stated at the support website "V4.35(AAPH.3)C0", the installed patch reads: "V4.35(AAPH.2)ITS-WK08-r92067". Is it correct?
0 -
Hi @abc
Welcome to Zyxel community
USG 50 is not mentioned in the security advisory list of vulnerable firewalls because it is not affected.
In the article : https://www.zyxel.com/support/remote-code-execution-vulnerability-of-NAS-products.shtml has mentioned:
UTM, ATP, and VPN firewalls running firmware version ZLD V4.35 Patch 0 through ZLD V4.35 Patch 2. Those with firmware versions before ZLD V4.35 Patch 0 are NOT affected.
Hi @USG_User ,
Yes it’s the correct version. The version is a hotfix for this vulnerability. This fix will also be included into the upcoming formal release.
0
Master Member
Zyxel Employee
Categories
- All Categories
- 435 Beta Program
- 2.7K Nebula
- 176 Nebula Ideas
- 118 Nebula Status and Incidents
- 6.1K Security
- 428 USG FLEX H Series
- 298 Security Ideas
- 1.6K Switch
- 79 Switch Ideas
- 1.2K Wireless
- 44 Wireless Ideas
- 6.7K Consumer Product
- 274 Service & License
- 422 News and Release
- 88 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 4.2K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 89 Security Highlight
