CVE-2023-4397
Vulnerability from cvelistv5
Published
2023-11-28 01:42
Modified
2024-08-02 07:24
Severity ?
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Summary
A buffer overflow vulnerability in the Zyxel ATP series firmware version 5.37, USG FLEX series firmware version 5.37, USG FLEX 50(W) series firmware version 5.37, and USG20(W)-VPN series firmware version 5.37, could allow an authenticated local attacker with administrator privileges to cause denial-of-service (DoS) conditions by executing the CLI command with crafted strings on an affected device.
References
security@zyxel.com.twhttps://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-apsVendor Advisory
Impacted products
ZyxelATP series firmware
ZyxelUSG FLEX series firmware
Zyxel USG FLEX 50(W) series firmware
ZyxelUSG20(W)-VPN series firmware
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T07:24:04.592Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "ATP series firmware",
          "vendor": "Zyxel",
          "versions": [
            {
              "status": "affected",
              "version": "5.37"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "USG FLEX series firmware",
          "vendor": "Zyxel",
          "versions": [
            {
              "status": "affected",
              "version": "5.37"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": " USG FLEX 50(W) series firmware",
          "vendor": "Zyxel",
          "versions": [
            {
              "status": "affected",
              "version": "5.37"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "USG20(W)-VPN series firmware",
          "vendor": "Zyxel",
          "versions": [
            {
              "status": "affected",
              "version": "5.37"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A buffer overflow vulnerability in the Zyxel ATP series firmware version 5.37, USG FLEX series firmware version 5.37, USG FLEX 50(W) series firmware version 5.37, and USG20(W)-VPN series firmware version 5.37, could allow an authenticated local attacker with administrator privileges to cause denial-of-service (DoS) conditions by executing the CLI command with crafted strings on an affected device."
            }
          ],
          "value": "A buffer overflow vulnerability in the Zyxel ATP series firmware version 5.37, USG FLEX series firmware version 5.37, USG FLEX 50(W) series firmware version 5.37, and USG20(W)-VPN series firmware version 5.37, could allow an authenticated local attacker with administrator privileges to cause denial-of-service (DoS) conditions by executing the CLI command with crafted strings on an affected device."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-120",
              "description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-11-28T01:42:00.951Z",
        "orgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
        "shortName": "Zyxel"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
    "assignerShortName": "Zyxel",
    "cveId": "CVE-2023-4397",
    "datePublished": "2023-11-28T01:42:00.951Z",
    "dateReserved": "2023-08-17T08:25:31.464Z",
    "dateUpdated": "2024-08-02T07:24:04.592Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-4397\",\"sourceIdentifier\":\"security@zyxel.com.tw\",\"published\":\"2023-11-28T02:15:42.990\",\"lastModified\":\"2023-12-04T18:05:04.100\",\"vulnStatus\":\"Analyzed\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"A buffer overflow vulnerability in the Zyxel ATP series firmware version 5.37, USG FLEX series firmware version 5.37, USG FLEX 50(W) series firmware version 5.37, and USG20(W)-VPN series firmware version 5.37, could allow an authenticated local attacker with administrator privileges to cause denial-of-service (DoS) conditions by executing the CLI command with crafted strings on an affected device.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad de desbordamiento del b\u00fafer en la versi\u00f3n 5.37 del firmware de la serie Zyxel ATP, la versi\u00f3n 5.37 del firmware de la serie USG FLEX, la versi\u00f3n 5.37 del firmware de la serie USG FLEX 50(W) y la versi\u00f3n 5.37 del firmware de la serie USG20(W)-VPN, podr\u00eda permitir que un atacante local autenticado con privilegios de administrador para provocar condiciones de denegaci\u00f3n de servicio (DoS) ejecutando el comando CLI con cadenas manipuladas en un dispositivo afectado.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security@zyxel.com.tw\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\",\"baseScore\":4.4,\"baseSeverity\":\"MEDIUM\"},\"exploitabilityScore\":0.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"security@zyxel.com.tw\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-120\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F7654A1-3806-41C7-82D4-46B0CD7EE53B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"47398FD0-6C5E-4625-9EFD-DE08C9AB7DB2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D68A36FF-8CAF-401C-9F18-94F3A2405CF4\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2818E8AC-FFEE-4DF9-BF3F-C75166C0E851\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0B41F437-855B-4490-8011-DF59887BE6D5\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"66B99746-0589-46E6-9CBD-F38619AD97DC\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:zld:5.37:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"26B7AE28-E9ED-4488-BF31-74A15DE79C7A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2B30A4C0-9928-46AD-9210-C25656FB43FB\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D74ABA7E-AA78-4A13-A64E-C44021591B42\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F93B6A06-2951-46D2-A7E1-103D7318D612\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:usg_flex_50:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"646C1F07-B553-47B0-953B-DC7DE7FD0F8B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"92C697A5-D1D3-4FF0-9C43-D27B18181958\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"110A1CA4-0170-4834-8281-0A3E14FC5584\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D1396E3-731B-4D05-A3F8-F3ABB80D5C29\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:zld:5.37:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"26B7AE28-E9ED-4488-BF31-74A15DE79C7A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6BEA412F-3DA1-4E91-9C74-0666147DABCE\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:vpn50w:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"371CE32A-C28E-44D2-9B0B-D8775928FD0E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:zld:5.37:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"26B7AE28-E9ED-4488-BF31-74A15DE79C7A\"}]}]}],\"references\":[{\"url\":\"https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps\",\"source\":\"security@zyxel.com.tw\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.