CVE-2023-6764

Name of the Vulnerable Software and Affected Versions Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1 Zyxel USG FLEX series firmware versions from 4.50 through 5.37 Patch 1 Zyxel USG FLEX 50(W) series firmware versions from 4.16 through 5.37 Patch 1 Zyxel USG20(W)-VPN series firmware versions from 4.16 through 5.37 Patch 1

Description A format string vulnerability in the IPSec VPN feature could allow an attacker to achieve unauthorized remote code execution by sending a sequence of specially crafted payloads containing an invalid pointer. However, such an attack would require detailed knowledge of an affected device’s memory layout and configuration. The vulnerability is related to the use of uncontrolled format strings.

Recommendations For Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1, update to a version later than 5.37 Patch 1. For Zyxel USG FLEX series firmware versions from 4.50 through 5.37 Patch 1, update to a version later than 5.37 Patch 1. For Zyxel USG FLEX 50(W) series firmware versions from 4.16 through 5.37 Patch 1, update to a version later than 5.37 Patch 1. For Zyxel USG20(W)-VPN series firmware versions from 4.16 through 5.37 Patch 1, update to a version later than 5.37 Patch 1. As a temporary workaround, consider disabling the IPSec VPN feature until a patch is available.