Is USG50 vulnerable? CVE-2020-9054
Freshman MemberComments
-
Has anybody already installed the
CVE-2020-9054 patch on an USG device? Any problems to be expected?
0 -
Just installed the patch on our USG110. But contrary to the name stated at the support website "V4.35(AAPH.3)C0", the installed patch reads: "V4.35(AAPH.2)ITS-WK08-r92067". Is it correct?
0 -
Hi @abc
Welcome to Zyxel community
USG 50 is not mentioned in the security advisory list of vulnerable firewalls because it is not affected.
In the article : https://www.zyxel.com/support/remote-code-execution-vulnerability-of-NAS-products.shtml has mentioned:
UTM, ATP, and VPN firewalls running firmware version ZLD V4.35 Patch 0 through ZLD V4.35 Patch 2. Those with firmware versions before ZLD V4.35 Patch 0 are NOT affected.
Hi @USG_User ,
Yes it’s the correct version. The version is a hotfix for this vulnerability. This fix will also be included into the upcoming formal release.
0
Master Member
Zyxel Employee
Categories
- All Categories
- 415 Beta Program
- 2.5K Nebula
- 152 Nebula Ideas
- 101 Nebula Status and Incidents
- 5.8K Security
- 296 USG FLEX H Series
- 281 Security Ideas
- 1.5K Switch
- 77 Switch Ideas
- 1.1K Wireless
- 42 Wireless Ideas
- 6.5K Consumer Product
- 254 Service & License
- 396 News and Release
- 85 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.6K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 87 About Community
- 76 Security Highlight
