PT-2023-4399 · Zyxel · Zyxel Xs1930-10 +2
Published: 2023-08-14 · Updated: 2023-08-21 · CVE-2023-28768
CVSS score: 6.5 (Medium)
Base vector: AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions:
Zyxel XGS2220-30 firmware version V4.80(ABXN.1)
Zyxel XMG1930-30 firmware version V4.80(ACAR.1)
Zyxel XS1930-10 firmware version V4.80(ABQE.1)
Description:
The issue is related to improper frame handling in the firmware of certain Zyxel switches, which could allow an unauthenticated LAN-based attacker to cause denial-of-service (DoS) conditions by sending crafted frames to an affected switch. This is due to insufficient handling of exceptional states.
Recommendations:
For Zyxel XGS2220-30 firmware version V4.80(ABXN.1), update the firmware to a version that fixes the improper frame handling issue.
For Zyxel XMG1930-30 firmware version V4.80(ACAR.1), update the firmware to a version that fixes the improper frame handling issue.
For Zyxel XS1930-10 firmware version V4.80(ABQE.1), update the firmware to a version that fixes the improper frame handling issue.
As a temporary workaround, consider restricting access to the affected switches to minimize the risk of exploitation.
Fix
Improper Handling of Exceptional Conditions
Improper Resource Release