PT-2023-4399 · Zyxel · Zyxel Xs1930-10+2

Published 2023-08-14 · Updated 2023-08-21 · CVE-2023-28768

CVSS v3.1: 6.5 Medium

Vector: AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Zyxel XGS2220-30 firmware version V4.80(ABXN.1)
Zyxel XMG1930-30 firmware version V4.80(ACAR.1)
Zyxel XS1930-10 firmware version V4.80(ABQE.1)

Description

The issue is related to improper frame handling in the firmware of certain Zyxel switches, which could allow an unauthenticated LAN-based attacker to cause denial-of-service (DoS) conditions by sending crafted frames to an affected switch. This is due to insufficient handling of exceptional states.

Recommendations

For Zyxel XGS2220-30 firmware version V4.80(ABXN.1), update the firmware to a version that fixes the improper frame handling issue.
For Zyxel XMG1930-30 firmware version V4.80(ACAR.1), update the firmware to a version that fixes the improper frame handling issue.
For Zyxel XS1930-10 firmware version V4.80(ABQE.1), update the firmware to a version that fixes the improper frame handling issue.
As a temporary workaround, consider restricting access to the affected switches to minimize the risk of exploitation.

Fix

Improper Handling of Exceptional Conditions

Improper Resource Release

Weakness Enumeration

Related Identifiers

BDU:2023-04744
CVE-2023-28768

Affected Products

Zyxel Xgs2220-30
Zyxel Xmg1930-30
Zyxel Xs1930-10