CVE-2023-6764 (GCVE-0-2023-6764)

Vulnerability from cvelistv5 – Published: 2024-02-20 02:14 – Updated: 2024-08-02 08:42
VLAI?
Summary
A format string vulnerability in a function of the IPSec VPN feature in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1, USG FLEX series firmware versions from 4.50 through 5.37 Patch 1, USG FLEX 50(W) series firmware versions from 4.16 through 5.37 Patch 1, and USG20(W)-VPN series firmware versions from 4.16 through 5.37 Patch 1 could allow an attacker to achieve unauthorized remote code execution by sending a sequence of specially crafted payloads containing an invalid pointer; however, such an attack would require detailed knowledge of an affected device’s memory layout and configuration.
Severity ?
8.1 (High)
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE
  • CWE-134 - Use of Externally-Controlled Format String
Assigner
References
Impacted products
Vendor Product Version
Zyxel ATP series firmware Affected: version 4.32 through 5.37 Patch 1
Create a notification for this product.
    Zyxel USG FLEX series firmware Affected: version 4.50 through 5.37 Patch 1
Create a notification for this product.
    Zyxel USG FLEX 50(W) series firmware Affected: version 4.16 through 5.37 Patch 1
Create a notification for this product.
    Zyxel USG20(W)-VPN series firmware Affected: version 4.16 through 5.37 Patch 1
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:zyxel:atp_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "atp_firmware",
            "vendor": "zyxel",
            "versions": [
              {
                "lessThanOrEqual": "5.37patch1",
                "status": "affected",
                "version": "4.32",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:zyxel:usg_flex_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "usg_flex_firmware",
            "vendor": "zyxel",
            "versions": [
              {
                "lessThanOrEqual": "5.37patch1",
                "status": "affected",
                "version": "4.50",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:zyxel:usg_flex_50w_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "usg_flex_50w_firmware",
            "vendor": "zyxel",
            "versions": [
              {
                "lessThanOrEqual": "5.37patch1",
                "status": "affected",
                "version": "4.16",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:zyxel:usg_20w-vpn_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "usg_20w-vpn_firmware",
            "vendor": "zyxel",
            "versions": [
              {
                "lessThanOrEqual": "5.37patch1",
                "status": "affected",
                "version": "4.16",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-6764",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-01T05:01:05.440386Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-27T20:53:09.347Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T08:42:07.430Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps-02-20-2024"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "ATP series firmware",
          "vendor": "Zyxel",
          "versions": [
            {
              "status": "affected",
              "version": "version 4.32 through 5.37 Patch 1"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "USG FLEX series firmware",
          "vendor": "Zyxel",
          "versions": [
            {
              "status": "affected",
              "version": "version 4.50 through 5.37 Patch 1"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "USG FLEX 50(W) series firmware",
          "vendor": "Zyxel",
          "versions": [
            {
              "status": "affected",
              "version": "version 4.16 through 5.37 Patch 1"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "USG20(W)-VPN series firmware",
          "vendor": "Zyxel",
          "versions": [
            {
              "status": "affected",
              "version": "version 4.16 through 5.37 Patch 1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\n\n\n\n\n\n\n\n\n\n\n\nA format string vulnerability in a function of the IPSec VPN feature in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1, USG FLEX series firmware versions from 4.50 through 5.37 Patch 1, USG FLEX 50(W) series firmware versions from 4.16 through 5.37 Patch 1, and USG20(W)-VPN series firmware versions from 4.16 through 5.37 Patch 1 could allow an attacker to achieve unauthorized remote code execution by sending a sequence of specially crafted payloads containing an invalid pointer; however, such an attack would require detailed knowledge of an affected device\u2019s memory layout and configuration.\n\n\n\n"
            }
          ],
          "value": "\n\n\n\n\n\n\n\n\n\n\n\nA format string vulnerability in a function of the IPSec VPN feature in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1, USG FLEX series firmware versions from 4.50 through 5.37 Patch 1, USG FLEX 50(W) series firmware versions from 4.16 through 5.37 Patch 1, and USG20(W)-VPN series firmware versions from 4.16 through 5.37 Patch 1 could allow an attacker to achieve unauthorized remote code execution by sending a sequence of specially crafted payloads containing an invalid pointer; however, such an attack would require detailed knowledge of an affected device\u2019s memory layout and configuration.\n\n\n\n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-134",
              "description": "CWE-134 Use of Externally-Controlled Format String",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-02-20T02:14:09.814Z",
        "orgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
        "shortName": "Zyxel"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps-02-20-2024"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
    "assignerShortName": "Zyxel",
    "cveId": "CVE-2023-6764",
    "datePublished": "2024-02-20T02:14:09.814Z",
    "dateReserved": "2023-12-13T08:39:31.993Z",
    "dateUpdated": "2024-08-02T08:42:07.430Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "descriptions": "[{\"lang\": \"en\", \"value\": \"\\n\\n\\n\\n\\n\\n\\n\\n\\n\\n\\n\\nA format string vulnerability in a function of the IPSec VPN feature in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1, USG FLEX series firmware versions from 4.50 through 5.37 Patch 1, USG FLEX 50(W) series firmware versions from 4.16 through 5.37 Patch 1, and USG20(W)-VPN series firmware versions from 4.16 through 5.37 Patch 1 could allow an attacker to achieve unauthorized remote code execution by sending a sequence of specially crafted payloads containing an invalid pointer; however, such an attack would require detailed knowledge of an affected device\\u2019s memory layout and configuration.\\n\\n\\n\\n\"}, {\"lang\": \"es\", \"value\": \"Una vulnerabilidad de cadena de formato en una funci\\u00f3n de la funci\\u00f3n VPN IPSec en las versiones de firmware de la serie Zyxel ATP de 4.32 a 5.37 Parche 1, versiones de firmware de la serie USG FLEX de 4.50 a 5.37 Parche 1, versiones de firmware de la serie USG FLEX 50(W) de 4.16 a 5.37 El parche 1 y las versiones de firmware de la serie USG20(W)-VPN desde 4.16 hasta 5.37. El parche 1 podr\\u00eda permitir a un atacante lograr la ejecuci\\u00f3n remota no autorizada de c\\u00f3digo enviando una secuencia de payloads especialmente manipulados que contengan un puntero no v\\u00e1lido; sin embargo, un ataque de este tipo requerir\\u00eda un conocimiento detallado del dise\\u00f1o y la configuraci\\u00f3n de la memoria del dispositivo afectado.\"}]",
      "id": "CVE-2023-6764",
      "lastModified": "2024-11-21T08:44:30.593",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"security@zyxel.com.tw\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 8.1, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.2, \"impactScore\": 5.9}]}",
      "published": "2024-02-20T03:15:07.870",
      "references": "[{\"url\": \"https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps-02-20-2024\", \"source\": \"security@zyxel.com.tw\"}, {\"url\": \"https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps-02-20-2024\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "security@zyxel.com.tw",
      "vulnStatus": "Awaiting Analysis",
      "weaknesses": "[{\"source\": \"security@zyxel.com.tw\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-134\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-6764\",\"sourceIdentifier\":\"security@zyxel.com.tw\",\"published\":\"2024-02-20T03:15:07.870\",\"lastModified\":\"2025-01-21T18:35:59.583\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"\\n\\n\\n\\n\\n\\n\\n\\n\\n\\n\\n\\nA format string vulnerability in a function of the IPSec VPN feature in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1, USG FLEX series firmware versions from 4.50 through 5.37 Patch 1, USG FLEX 50(W) series firmware versions from 4.16 through 5.37 Patch 1, and USG20(W)-VPN series firmware versions from 4.16 through 5.37 Patch 1 could allow an attacker to achieve unauthorized remote code execution by sending a sequence of specially crafted payloads containing an invalid pointer; however, such an attack would require detailed knowledge of an affected device\u2019s memory layout and configuration.\\n\\n\\n\\n\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad de cadena de formato en una funci\u00f3n de la funci\u00f3n VPN IPSec en las versiones de firmware de la serie Zyxel ATP de 4.32 a 5.37 Parche 1, versiones de firmware de la serie USG FLEX de 4.50 a 5.37 Parche 1, versiones de firmware de la serie USG FLEX 50(W) de 4.16 a 5.37 El parche 1 y las versiones de firmware de la serie USG20(W)-VPN desde 4.16 hasta 5.37. El parche 1 podr\u00eda permitir a un atacante lograr la ejecuci\u00f3n remota no autorizada de c\u00f3digo enviando una secuencia de payloads especialmente manipulados que contengan un puntero no v\u00e1lido; sin embargo, un ataque de este tipo requerir\u00eda un conocimiento detallado del dise\u00f1o y la configuraci\u00f3n de la memoria del dispositivo afectado.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security@zyxel.com.tw\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.2,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"security@zyxel.com.tw\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-134\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-134\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:atp100_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.32\",\"versionEndExcluding\":\"5.37\",\"matchCriteriaId\":\"22B1CC86-551C-4CF1-9905-22D983C87B0C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:atp100_firmware:5.37:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"121E2131-A6CB-4714-BD0B-9CDBFF924F10\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:atp100_firmware:5.37:patch1:*:*:*:*:*:*\",\"matchCriteriaId\":\"C4AA7A4F-E00F-4CFA-8B4F-305BEC37F0B8\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F7654A1-3806-41C7-82D4-46B0CD7EE53B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:atp100w_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.32\",\"versionEndExcluding\":\"5.37\",\"matchCriteriaId\":\"9E4D7828-078E-4418-9F04-302FC7F8BB25\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:atp100w_firmware:5.37:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"F750721F-73AD-4BDD-A407-72D8DEB30C68\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:atp100w_firmware:5.37:patch1:*:*:*:*:*:*\",\"matchCriteriaId\":\"069E7437-BF71-4F73-8C0A-44DC9804492B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"47398FD0-6C5E-4625-9EFD-DE08C9AB7DB2\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:atp200_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.32\",\"versionEndExcluding\":\"5.37\",\"matchCriteriaId\":\"67DC678C-8CA1-4289-A69B-435FE3374BCD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:atp200_firmware:5.37:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"B20F854E-486D-46C0-90C8-81153573FEF1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:atp200_firmware:5.37:patch1:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE71538C-16FD-43B1-B6CD-EB5988AFB7BF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D68A36FF-8CAF-401C-9F18-94F3A2405CF4\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:atp500_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.32\",\"versionEndExcluding\":\"5.37\",\"matchCriteriaId\":\"B5C9B7E5-F548-4F9F-8CA7-20B7D41DF0AC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:atp500_firmware:5.37:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"9E8933B8-F66E-4667-955E-DB5486534C5A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:atp500_firmware:5.37:patch1:*:*:*:*:*:*\",\"matchCriteriaId\":\"6F694EDC-DEF2-47D4-BCF0-32972EF8CEA1\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2818E8AC-FFEE-4DF9-BF3F-C75166C0E851\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:atp700_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.32\",\"versionEndExcluding\":\"5.37\",\"matchCriteriaId\":\"8E1974D6-04C1-4135-812D-6901712940EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:atp700_firmware:5.37:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"0E3E890B-8BDE-4C22-BFF7-B87495C71C48\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:atp700_firmware:5.37:patch1:*:*:*:*:*:*\",\"matchCriteriaId\":\"3037AE20-8F8B-4656-9534-6436A8AEA8C9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0B41F437-855B-4490-8011-DF59887BE6D5\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:atp800_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.32\",\"versionEndExcluding\":\"5.37\",\"matchCriteriaId\":\"21C4C98F-B383-4F2F-B84E-3C6DDD8437DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:atp800_firmware:5.37:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"67FA1CEC-DED7-46D4-A4FC-780431B3EE2B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:atp800_firmware:5.37:patch1:*:*:*:*:*:*\",\"matchCriteriaId\":\"DFD1CE91-B72C-4589-9A5F-F1164C0193AB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"66B99746-0589-46E6-9CBD-F38619AD97DC\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:usg_flex_100_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.50\",\"versionEndExcluding\":\"5.37\",\"matchCriteriaId\":\"0D66CA5F-C85F-4D69-8F82-BDCF6FCB905C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:usg_flex_100_firmware:5.37:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"DF266069-4FA5-4343-B62C-0940A0C61566\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:usg_flex_100_firmware:5.37:patch1:*:*:*:*:*:*\",\"matchCriteriaId\":\"99E0ECA5-7FE6-4E56-A741-E3260C99A43A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2B30A4C0-9928-46AD-9210-C25656FB43FB\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:usg_flex_100ax_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.50\",\"versionEndExcluding\":\"5.37\",\"matchCriteriaId\":\"9CF216E5-870B-4C6E-9CFA-A5FB6F476CB0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:usg_flex_100ax_firmware:5.37:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"395E8D72-E9F6-4923-B4DE-875D195B27F7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:usg_flex_100ax_firmware:5.37:patch1:*:*:*:*:*:*\",\"matchCriteriaId\":\"FCBEDDCD-A9F6-4E07-ADF8-B1E9C557CDEC\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:usg_flex_100ax:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"03036815-04AE-4E39-8310-DA19A32CFA48\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:usg_flex_100h_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.50\",\"versionEndExcluding\":\"5.37\",\"matchCriteriaId\":\"C220BBFF-29A6-483B-9806-6A966625EFEE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:usg_flex_100h_firmware:5.37:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"45EEA203-C4E3-4916-A9E5-15AB994B53FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:usg_flex_100h_firmware:5.37:patch1:*:*:*:*:*:*\",\"matchCriteriaId\":\"A21576D3-6A3F-451C-9B62-E0B0418D5529\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:usg_flex_100h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED28D5ED-B21A-4CD6-947E-9C21EA801B7D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.50\",\"versionEndExcluding\":\"5.37\",\"matchCriteriaId\":\"E5E31FC3-E2EC-4909-BF8D-86775AF4D4B5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:usg_flex_100w_firmware:5.37:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC61CF4F-74D5-4C96-8D8A-779436CF344D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:usg_flex_100w_firmware:5.37:patch1:*:*:*:*:*:*\",\"matchCriteriaId\":\"25EB6607-7241-4D01-BC87-3C3E62B27B6B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D74ABA7E-AA78-4A13-A64E-C44021591B42\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.50\",\"versionEndExcluding\":\"5.37\",\"matchCriteriaId\":\"D6EF9AA9-65D5-4D7B-A2BF-9150C6339282\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:usg_flex_200_firmware:5.37:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E4CC2FF-2BB1-43E8-A7AA-56A220705FE8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:usg_flex_200_firmware:5.37:patch1:*:*:*:*:*:*\",\"matchCriteriaId\":\"31206A47-4A01-4FB7-A0AA-E9D22C63941D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F93B6A06-2951-46D2-A7E1-103D7318D612\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:usg_flex_200h_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.50\",\"versionEndExcluding\":\"5.37\",\"matchCriteriaId\":\"69B29C9B-DB92-4DBD-9F83-1C9FABAC81B4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:usg_flex_200h_firmware:5.37:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"CBDE985D-B016-4303-8EE6-904C79F8FE82\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:usg_flex_200h_firmware:5.37:patch1:*:*:*:*:*:*\",\"matchCriteriaId\":\"0ACD16E9-7EE0-4AD5-9D71-121AFAEF7947\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:usg_flex_200h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"09D15ECD-4942-407A-A62E-9785568C6B78\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:usg_flex_200hp_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.50\",\"versionEndExcluding\":\"5.37\",\"matchCriteriaId\":\"DCC129C3-AD72-44AE-B89D-5BF40559B9F4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:usg_flex_200hp_firmware:5.37:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"9EE95AED-D8FB-44BD-856D-2F7A6DB2AABA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:usg_flex_200hp_firmware:5.37:patch1:*:*:*:*:*:*\",\"matchCriteriaId\":\"D764B87E-8B23-4C33-93BB-59B23CFEADBC\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:usg_flex_200hp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD7E9028-1ECB-4D88-84D8-CFC589B429AE\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.50\",\"versionEndExcluding\":\"5.37\",\"matchCriteriaId\":\"B221F5CD-C0C6-4917-AC15-FF1BA3904915\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:usg_flex_500_firmware:5.37:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"D9D7FBB8-C983-4EFA-90CB-EC5C6A26D112\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:usg_flex_500_firmware:5.37:patch1:*:*:*:*:*:*\",\"matchCriteriaId\":\"5CDA1267-E136-4932-9627-B4D12DB17E27\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"92C697A5-D1D3-4FF0-9C43-D27B18181958\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:usg_flex_500h_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.50\",\"versionEndExcluding\":\"5.37\",\"matchCriteriaId\":\"C8ACA5C0-F9AC-4986-95CF-74A92DEAF45E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:usg_flex_500h_firmware:5.37:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D168F82-50CE-4E25-B1D9-B50F69463F5A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:usg_flex_500h_firmware:5.37:patch1:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A0B9A2C-772B-4669-BC7C-71FA32B1B4EA\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:usg_flex_500h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE57BCA4-8631-460A-BFE3-BB765E5D009F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.50\",\"versionEndExcluding\":\"5.37\",\"matchCriteriaId\":\"0FA43EB7-3F72-4250-BE9A-7449B8AEF90F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:usg_flex_700_firmware:5.37:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"A1FEDD30-0B80-4F07-8475-156B9FE46883\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:usg_flex_700_firmware:5.37:patch1:*:*:*:*:*:*\",\"matchCriteriaId\":\"3953AFFC-18E6-46AA-BC99-EA65726E4D9E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D1396E3-731B-4D05-A3F8-F3ABB80D5C29\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:usg_flex_700h_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.50\",\"versionEndExcluding\":\"5.37\",\"matchCriteriaId\":\"D051AE62-28E7-4626-B5CB-F4B244260A0E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:usg_flex_700h_firmware:5.37:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"A5A45A9D-D9C7-495D-BD83-EE088746FD36\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:usg_flex_700h_firmware:5.37:patch1:*:*:*:*:*:*\",\"matchCriteriaId\":\"606D09B9-0376-4277-9964-F0580D65C3E0\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:usg_flex_700h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8832743A-99FA-417E-BCE1-4BF7D4CEF9BE\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:usg_flex_50_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.16\",\"versionEndExcluding\":\"5.37\",\"matchCriteriaId\":\"50C93BA9-E4F3-48F3-8D58-92409905AC03\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:usg_flex_50_firmware:5.37:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"5476C178-E553-44FC-854B-5851F0F28469\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:usg_flex_50_firmware:5.37:patch1:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2D65155-CDF2-4A99-94CA-D4B61B26D32C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:usg_flex_50:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"646C1F07-B553-47B0-953B-DC7DE7FD0F8B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:usg_flex_50w_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.16\",\"versionEndExcluding\":\"5.37\",\"matchCriteriaId\":\"7A2842FD-23CC-4E12-AF08-979035695E5F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:usg_flex_50w_firmware:5.37:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC8C2C47-FE8E-4496-9648-0B264A9A2EA0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:usg_flex_50w_firmware:5.37:patch1:*:*:*:*:*:*\",\"matchCriteriaId\":\"EEB68246-FD4B-4FB6-9140-63725EA24660\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"110A1CA4-0170-4834-8281-0A3E14FC5584\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:usg20-vpn_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.16\",\"versionEndExcluding\":\"5.37\",\"matchCriteriaId\":\"7E10984B-2ACA-4B15-AF74-F6E7D467DA8B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:usg20-vpn_firmware:5.37:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"B0BFA01B-1328-4F96-AE56-D39416A54F0C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:usg20-vpn_firmware:5.37:patch1:*:*:*:*:*:*\",\"matchCriteriaId\":\"ABB0C1EC-512C-4A00-84C6-4F93FDD7739F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:usg20-vpn:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7239C54F-EC9E-44B4-AE33-1D36E5448219\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:usg20w-vpn_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.16\",\"versionEndExcluding\":\"5.37\",\"matchCriteriaId\":\"CE25FC75-B93D-4010-A255-2AF732D47674\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:usg20w-vpn_firmware:5.37:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"D8470EFC-2AED-45A3-8F4E-CF8EB8EB43D0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zyxel:usg20w-vpn_firmware:5.37:patch1:*:*:*:*:*:*\",\"matchCriteriaId\":\"AFD0A4B7-5A6D-4DAE-9FA4-559F9932A92B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zyxel:usg20w-vpn:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"06D2AD3A-9197-487D-A267-24DE332CC66B\"}]}]}],\"references\":[{\"url\":\"https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps-02-20-2024\",\"source\":\"security@zyxel.com.tw\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps-02-20-2024\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps-02-20-2024\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T08:42:07.430Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-6764\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-03-01T05:01:05.440386Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:o:zyxel:atp_firmware:-:*:*:*:*:*:*:*\"], \"vendor\": \"zyxel\", \"product\": \"atp_firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.32\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"5.37patch1\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:zyxel:usg_flex_firmware:-:*:*:*:*:*:*:*\"], \"vendor\": \"zyxel\", \"product\": \"usg_flex_firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.50\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"5.37patch1\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:zyxel:usg_flex_50w_firmware:-:*:*:*:*:*:*:*\"], \"vendor\": \"zyxel\", \"product\": \"usg_flex_50w_firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.16\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"5.37patch1\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:zyxel:usg_20w-vpn_firmware:-:*:*:*:*:*:*:*\"], \"vendor\": \"zyxel\", \"product\": \"usg_20w-vpn_firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.16\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"5.37patch1\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-06-27T20:52:43.587Z\"}}], \"cna\": {\"source\": {\"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.1, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Zyxel\", \"product\": \"ATP series firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"version 4.32 through 5.37 Patch 1\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Zyxel\", \"product\": \"USG FLEX series firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"version 4.50 through 5.37 Patch 1\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Zyxel\", \"product\": \"USG FLEX 50(W) series firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"version 4.16 through 5.37 Patch 1\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Zyxel\", \"product\": \"USG20(W)-VPN series firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"version 4.16 through 5.37 Patch 1\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps-02-20-2024\", \"tags\": [\"vendor-advisory\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"\\n\\n\\n\\n\\n\\n\\n\\n\\n\\n\\n\\nA format string vulnerability in a function of the IPSec VPN feature in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1, USG FLEX series firmware versions from 4.50 through 5.37 Patch 1, USG FLEX 50(W) series firmware versions from 4.16 through 5.37 Patch 1, and USG20(W)-VPN series firmware versions from 4.16 through 5.37 Patch 1 could allow an attacker to achieve unauthorized remote code execution by sending a sequence of specially crafted payloads containing an invalid pointer; however, such an attack would require detailed knowledge of an affected device\\u2019s memory layout and configuration.\\n\\n\\n\\n\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\\n\\n\\n\\n\\n\\n\\n\\n\\n\\n\\n\\n\\nA format string vulnerability in a function of the IPSec VPN feature in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1, USG FLEX series firmware versions from 4.50 through 5.37 Patch 1, USG FLEX 50(W) series firmware versions from 4.16 through 5.37 Patch 1, and USG20(W)-VPN series firmware versions from 4.16 through 5.37 Patch 1 could allow an attacker to achieve unauthorized remote code execution by sending a sequence of specially crafted payloads containing an invalid pointer; however, such an attack would require detailed knowledge of an affected device\\u2019s memory layout and configuration.\\n\\n\\n\\n\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-134\", \"description\": \"CWE-134 Use of Externally-Controlled Format String\"}]}], \"providerMetadata\": {\"orgId\": \"96e50032-ad0d-4058-a115-4d2c13821f9f\", \"shortName\": \"Zyxel\", \"dateUpdated\": \"2024-02-20T02:14:09.814Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2023-6764\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-08-02T08:42:07.430Z\", \"dateReserved\": \"2023-12-13T08:39:31.993Z\", \"assignerOrgId\": \"96e50032-ad0d-4058-a115-4d2c13821f9f\", \"datePublished\": \"2024-02-20T02:14:09.814Z\", \"assignerShortName\": \"Zyxel\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.