Zyxel security advisory for insufficient entropy vulnerability of GS1900 series switches

Zyxel_May
Zyxel_May Posts: 121  Ally Member
First Anniversary First Comment
edited November 2022 in Security Advisories

CVE: CVE-2022-34746

Summary

Zyxel has released patches for GS1900 series switches affected by an insufficient entropy vulnerability. Users are advised to install them for optimal protection.


What is the vulnerability?

An insufficient entropy vulnerability caused by the improper use of randomness sources with low entropy for RSA key pair generation was found in Zyxel GS1900 series switches. This vulnerability could allow an attacker to retrieve a private key by factoring the RSA modulus N in the certificate of the web administration interface. In addition, the attacker could use the private key to decrypt TLS-secured connections or impersonate the certificate owner.


What versions are vulnerable-and what should you do?

After a thorough investigation, we have identified the vulnerable products that are within their vulnerability support period, with their firmware patches shown in the table below.

Affected model

Affected version

Patch availability

GS1900-8

V2.60(AAHH.4)C0

V2.70(AAHH.3)C0

GS1900-8HP

V2.60(AAHI.4)C0

V2.70(AAHI.3)C0

GS1900-10HP

V2.60(AAZI.4)C0

V2.70(AAZI.3)C0

GS1900-16

V2.60(AAHJ.4)C0

V2.70(AAHJ.3)C0

GS1900-24

V2.60(AAHL.4)C0

V2.70(AAHL.3)C0

GS1900-24E

V2.60(AAHK.4)C0

V2.70(AAHK.3)C0

GS1900-24EP

V2.60(ABTO.4)C0

V2.70(ABTO.3)C0

GS1900-24HPv2

V2.60(ABTP.4)C0

V2.70(ABTP.3)C0

GS1900-48

V2.60(AAHN.4)C0

V2.70(AAHN.3)C0

GS1900-48HPv2

V2.60(ABTQ.4)C0

V2.70(ABTQ.3)C0


Got a question?

Please contact your local service rep or visit Zyxel’s Community for further information or assistance.


Acknowledgment

Thanks to the following researchers for reporting the issue to us:

  • Chris Papathanasiou and Kyprianos Vasilopoulos from Panthera Labs
  • Maximilian Radoy, Sven Hebrok, Robert Merget, and Juraj Somorovsky from Paderborn University
  • CERT-Bund, the Computer Emergency Response Team for Germany's federal authorities

Revision history

2022-09-20: Initial release.

Comments

  • mMontana
    mMontana Posts: 1,298  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer
    edited September 2022
    Seems that link for V2.70(AAHI.3)C0 for GS-1900-8HP doesn't work.
    Edit: same version seem released 9th august 2022. This latter is already containing the patch for the vulnerability disclosed?
  • tonygibbs16
    tonygibbs16 Posts: 825  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer
    mMontana said:
    Seems that link for V2.70(AAHI.3)C0 for GS-1900-8HP doesn't work.
    Edit: same version seem released 9th august 2022. This latter is already containing the patch for the vulnerability disclosed?
    There is an erroneous %10 on the end of the link, following the .zip