Is USG50 vulnerable? CVE-2020-9054
Freshman MemberComments
-
Has anybody already installed the
CVE-2020-9054 patch on an USG device? Any problems to be expected?
0 -
Just installed the patch on our USG110. But contrary to the name stated at the support website "V4.35(AAPH.3)C0", the installed patch reads: "V4.35(AAPH.2)ITS-WK08-r92067". Is it correct?
0 -
Hi @abc
Welcome to Zyxel community
USG 50 is not mentioned in the security advisory list of vulnerable firewalls because it is not affected.
In the article : https://www.zyxel.com/support/remote-code-execution-vulnerability-of-NAS-products.shtml has mentioned:
UTM, ATP, and VPN firewalls running firmware version ZLD V4.35 Patch 0 through ZLD V4.35 Patch 2. Those with firmware versions before ZLD V4.35 Patch 0 are NOT affected.
Hi @USG_User ,
Yes it’s the correct version. The version is a hotfix for this vulnerability. This fix will also be included into the upcoming formal release.
0
Master Member
Zyxel Employee
Categories
- All Categories
- 434 Beta Program
- 2.7K Nebula
- 174 Nebula Ideas
- 117 Nebula Status and Incidents
- 6.1K Security
- 418 USG FLEX H Series
- 297 Security Ideas
- 1.6K Switch
- 78 Switch Ideas
- 1.2K Wireless
- 43 Wireless Ideas
- 6.7K Consumer Product
- 269 Service & License
- 416 News and Release
- 87 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 4.1K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 87 Security Highlight
