ZLD4.73 & ZLD5.36 patch 2 Official Version Released to address Buffer Overflow Issues

245678

All Replies

  • GrahamWebb
    GrahamWebb Posts: 21  Freshman Member
    First Comment Friend Collector Second Anniversary

    Thanks and well done for coming up with a fix so quickly! I had this issue on our USG Flex 500 and I had to take a trip into the office to disconnect the WAN link and then power cycle and update to the new firmware. This seems to have resolved the issue now. Will more details be released about this DDOS attack?

  • Unfiniti
    Unfiniti Posts: 3
    First Comment Friend Collector
    edited May 2023


    We would greatly appreciate it if you could provide us with a clear explanation regarding the reasons why this issue occurred on all our firewalls, despite automatic updates being disabled. This would help us take appropriate corrective measures and prevent any future recurrence.

    Therefore, we kindly request that you demonstrate transparency by sharing all available information regarding this specific matter. We would like to understand if this is due to a known issue on your side, a specific configuration, or any other cause that you can identify.

    Your assistance and cooperation in this matter are highly appreciated. We eagerly await your detailed response so that we can resolve this issue and maintain the security and stability of our network.

  • cechj
    cechj Posts: 1
    First Comment
    edited May 2023

    L2TP VPN user not authorized in AD over MS-CHAP v2 after this update.
    Same in 5.35 / 5.36 / 5.36 P1 !!!!!!!!!!!!!!!!!

    Last working firmware is week 5.35.(ABAR.0)ITS-23WK06.

    Need working VPN and secured ZYWALL please.

  • XMFI
    XMFI Posts: 3
    First Comment

    Hello i upgraded a USG 20w-VPN into new version 5.36 from 4.25 and i lost my configuration.

    I can't find any olf firmware to roll back my config file?

    Do you have any?

    Thanks in advance

  • RSaull
    RSaull Posts: 32  Freshman Member
    First Answer First Comment Friend Collector First Anniversary
    edited May 2023

    https://support.zyxel.eu/hc/en-us/articles/360013941859-Security-Products-Firmware-Overview-and-History-Downloads-for-FLEX-ATP-USG-VPN-ZYWALL

  • GIOMIND
    GIOMIND Posts: 7
    First Comment Friend Collector

    Hello, can you provide a working link for firmware 5.10 for USG20-VPN ?
    Direct upgrade to latest fails and all links through dropbox are not working due to too many accesses.

    We are unable to upgrade and solve the issue since we are on 4.65 and direct jump to latest does not work

  • PeterUK
    PeterUK Posts: 3,388  Guru Member
    100 Answers 2500 Comments Friend Collector Seventh Anniversary
    edited May 2023

    https://support.zyxel.eu/hc/en-us/articles/360013941859-Security-Products-Firmware-Overview-FLEX-ATP-USG-VPN-ZYWALL-

    what I don't get is why many people on old firmware who never upgraded when they could? and then this happens and need to jump to the newest…

  • GiuseppeR
    GiuseppeR Posts: 287  Master Member
    Zyxel Certified Network Engineer Level 1 - Switch Zyxel Certified Network Engineer Level 1 - Nebula First Comment Friend Collector

    Hello everyone,

    I read the official note you could see below.

    I undestand the first condition: DoS attack, so the firewall could not answer and you need to power cycle it (like some other users had to).

    I need to know how to identify if a remote code was excuted and if the firewall integrity is still guaranteed.

    Waiting for news.

    ________________OFFICIAL NOTE________________

    Dear valued user,

    We have detected severe buffer overflow vulnerabilities that could lead to operational disruptions during routine tasks. We strongly recommend users to immediately install Firmware ZLD V4.73 P2 or ZLD V5.36 P2 and thoroughly examine the security advisory to ensure maximum network security.

    This crucial update mitigates the severe vulnerability that could potentially enable an unauthenticated attacker to induce denial-of-service (DoS) conditions or even execute remote code on a vulnerable device.

    Related Products

    Impacted series

    Impacted version

    Patch availability

    ATP

    ZLD V4.32 to V5.36 Patch1

    ZLD V5.36 Patch 2

    USG FLEX

    ZLD V4.50 to V5.36 Patch 1

    ZLD V5.36 Patch 2

    USG FLEX50(W)/USG20(W)-VPN

    ZLD V4.25 to V5.36 Patch 1

    ZLD V5.36 Patch 2

    VPN

    ZLD V4.30 to V5.36 Patch 1

    ZLD V5.36 Patch 2

    ZyWALL/USG

    ZLD V4.25 to V4.73 Patch 1

    ZLD V4.73 Patch 2

  • PeterUK
    PeterUK Posts: 3,388  Guru Member
    100 Answers 2500 Comments Friend Collector Seventh Anniversary

    You could use DDNS on site to site and firewall VPN services to Zywall per DDNS as source FQDN

  • GIOMIND
    GIOMIND Posts: 7
    First Comment Friend Collector

    Thank you. If you try the links in that page, they all point to dropbox and dropbox disabled them because of too many accesses: so is not possibile to download anything

Security Highlight