Is USG50 vulnerable? CVE-2020-9054
Comments
-
Has anybody already installed the
CVE-2020-9054 patch on an USG device? Any problems to be expected?
0 -
Just installed the patch on our USG110. But contrary to the name stated at the support website "V4.35(AAPH.3)C0", the installed patch reads: "V4.35(AAPH.2)ITS-WK08-r92067". Is it correct?
0 -
Hi @abc
Welcome to Zyxel community
USG 50 is not mentioned in the security advisory list of vulnerable firewalls because it is not affected.
In the article : https://www.zyxel.com/support/remote-code-execution-vulnerability-of-NAS-products.shtml has mentioned:
UTM, ATP, and VPN firewalls running firmware version ZLD V4.35 Patch 0 through ZLD V4.35 Patch 2. Those with firmware versions before ZLD V4.35 Patch 0 are NOT affected.
Hi @USG_User ,
Yes it’s the correct version. The version is a hotfix for this vulnerability. This fix will also be included into the upcoming formal release.
Engage in the Community, become an MVP, and win exclusive prizes!
0
Categories
- All Categories
- 415 Beta Program
- 2.3K Nebula
- 141 Nebula Ideas
- 94 Nebula Status and Incidents
- 5.6K Security
- 218 USG FLEX H Series
- 262 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1K Wireless
- 39 Wireless Ideas
- 6.3K Consumer Product
- 245 Service & License
- 382 News and Release
- 81 Security Advisories
- 27 Education Center
- 8 [Campaign] Zyxel Network Detective
- 3.1K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 71 Security Highlight