ZLD4.73 & ZLD5.36 patch 2 Official Version Released to address Buffer Overflow Issues
All Replies
-
I guess hacks found out some people had not been updating their firmware and have targeted the old firmware with fake downloads.
0 -
No, the zyxel page you posted: if you scroll to USG section and point to "Download 5.10" it links to a dropbox download.
So Zyxel used dropbox for their downloads, but dropbox, when huge traffic is detected on a specific link, disables it… BAM Zyxel, great idea!
https://support.zyxel.eu/hc/en-us/articles/360013941859-Security-Products-Firmware-Overview-and-History-Downloads-for-FLEX-ATP-USG-VPN-ZYWALL
0 -
Either they have hacked Zyxel or Zyxel has not been very clever in using dropbox for sharing their firmware: on a zero day with massive downloads….dropbox says goodbye
0 -
Yes Zyxel should really think about putting old firmware on portal.myzyxel.com
0 -
Patch 2 seems to still have the issue. We were running patch 1 and this morning our IPsec VPNs were dropping randomly. Never happened before. Applied patch 2 and it still happened. We geo-filtered traffic now as a previous post suggested and that seems to have fixed it for now (until attacks come from US).
2 -
These links won't work for archive firmware.
Does someone have a link for a USG20W-VPN 4.25?
Thanks :)
0 -
In the past all older firmwares of all devices were available on ftp.zyxel.com. Why is that gone? Could have been a huge help now.
But we still have no clear answer on what has been happening the past days:
- Is this caused by a DoS attack? I see an IP from Ukraine trying to connect to the IKEv2 port on several . All traffic from outside Europe is blocked on 20% of our firewalls and they have this problem too.
- Because it looks like it's fixed with new firmware: is this an attack that's only vulnerable for ZyXEL devices?
- L2TP over IPSec with AD integration is not working after the firmware update. IKEv2 with SecuExtender and AD integration is no problem, but not all of our clients are willing to pay for this client...
- Is IPS (Intrusion Prevention System) catching this on firewalls which have this enabled? We don't use this service but I wanna know if it's worth the money now.
0 -
The release notes for the newest firmware contain these 2 CVEs:
CVE-2023-33009
CVE-2023-33010
I didn't find any detailed info, however ZyXEL has classified them as 9.8 out of 10, so I guess it's trivial to make a DoS attack on all ZyXEL USGs via a simple script… All a hacker needs is an open port (IKE?)
0 -
I found this:
0 -
We have 2 USG 20 and 1 USG 60 that we can't log into as of this morning. Was able to log into them one time, but then not again. Our VPN is down. How do we fix without having to wipe and rebuild?!
0