USG110 - FW v4.72 - different vulnerabilities solved (or not?)
Options
Master Member
Just reading the feature log of the latest FW patch v4.72. It's listing the following vulnerabilities which have been dealt with:
CVE-2022-0778
CVE-2022-0342
CVE-2021-44224
So far so good. But your latest security advisory of today ( https://www.zyxel.com/support/multiple-vulnerabilities-of-firewalls-AP-controllers-and-APs.shtml ) is listing the following v4.71 vulnerabilities, which should be mitigated by v4.72, too:
CVE-2022-26531
CVE-2022-26532
CVE-2022-0910
Why nothing of these vulnerabilities is written about in the v4.72 feature log?
0
All Replies
-
As a personal opinion, these vulnerabilities are not yet mitigated/solved into 4.72.Why nothing of these vulnerabilities is written about in the v4.72 feature log?
0 -
Hi @USG_User
We're sorry for the confusion
This vulnerability has been fixed aggressively into regular release but we did not disclose it since the official disclosure time has not been aligned with the researcher at that moment. In the meantime, we also updated device what's new with CVE info afterward, expected users getting real time notice from device directly.
Here it is the what's new content:
0
Guru Member
Zyxel Employee
Categories
- All Categories
- 442 Beta Program
- 3K Nebula
- 223 Nebula Ideas
- 129 Nebula Status and Incidents
- 6.6K Security
- 628 USG FLEX H Series
- 353 Security Ideas
- 1.8K Switch
- 85 Switch Ideas
- 1.4K Wireless
- 54 Wireless Ideas
- 7K Consumer Product
- 299 Service & License
- 492 News and Release
- 92 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 4.8K FAQ
- 34 Documents
- 88 About Community
- 108 Security Highlight
