CVE-2023-4398

Integer Overflow or Wraparound (CWE-190)

Published: Nov 28, 2023 / Updated: 11mo ago

010
CVSS 7.5EPSS 0.04%High
CVE info copied to clipboard

An integer overflow vulnerability in the source code of the QuickSec IPSec toolkit used in the VPN feature of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, and VPN series firmware versions 4.30 through 5.37, could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions on an affected device by sending a crafted IKE packet.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Timeline

First Article

Feedly found the first article mentioning CVE-2023-4398. See article

Nov 28, 2023 at 7:06 AM / VulDB Recent Entries
CVSS Estimate

Feedly estimated the CVSS score as HIGH

Nov 28, 2023 at 7:06 AM
Detection in Vulnerability Scanners

Detection for the vulnerability has been added to Nessus (186480)

Nov 30, 2023 at 12:15 PM
EPSS

EPSS Score was set to: 0.04% (Percentile: 8.6%)

Nov 30, 2023 at 3:26 PM
Trending

This CVE started to trend in security discussions

Dec 4, 2023 at 6:40 PM
Static CVE Timeline Graph

Affected Systems

Zyxel/zld
+null more

Patches

www.zyxel.com
+null more

Attack Patterns

CAPEC-92: Forced Integer Overflow
+null more

References

Zyxel security advisory for multiple vulnerabilities in firewalls and APs
CVE-2023-37926 A buffer overflow vulnerability in some firewall versions could allow an authenticated local attacker to cause denial-of-service (DoS) conditions by executing the CLI command to dump system logs on an affected device. CVE-2023-37925 An improper privilege management vulnerability in the debug CLI command of some firewall and AP versions could allow an authenticated local attacker to access system files on an affected device.

News

Vulnerability Summary for the Week of November 27, 2023
Published 2023-12-01 CVSS Score not yet calculated Source & Patch Info CVE-2023-43089 PrimaryVendor - Product delta electronics - infrasuite device master Description In Delta Electronics InfraSuite Device Master v.1.0.7, a vulnerability exists that allows an unauthenticated attacker to execute arbitrary code through a single UDP packet. Published 2023-11-30 CVSS Score not yet calculated Source & Patch Info CVE-2023-47207 PrimaryVendor - Product delta electronics - infrasuite device master Description In Delta Electronics InfraSuite Device Master v.1.0.7, A vulnerability exists that allows an unauthenticated attacker to disclose user information through a single UDP packet, obtain plaintext credentials, or perform NTLM relaying.
Zyxel fixed tens of flaws in Firewalls, Access Points, and NAS devices
CVE-2023-37926 – A buffer overflow vulnerability in some firewall versions could allow an authenticated local attacker to cause denial-of-service (DoS) conditions by executing the CLI command to dump system logs on an affected device. CVE-2023-37925 – An improper privilege management vulnerability in the debug CLI command of some firewall and AP versions could allow an authenticated local attacker to access system files on an affected device.
Zyxel fixed tens of flaws in Firewalls, Access Points, and NAS devices – Source: securityaffairs.com
CVE-2023-37926 – A buffer overflow vulnerability in some firewall versions could allow an authenticated local attacker to cause denial-of-service (DoS) conditions by executing the CLI command to dump system logs on an affected device. CVE-2023-37925 – An improper privilege management vulnerability in the debug CLI command of some firewall and AP versions could allow an authenticated local attacker to access system files on an affected device.
Zyxel fixed tens of flaws in Firewalls, Access Points, and NAS devices
CVE-2023-37926 – A buffer overflow vulnerability in some firewall versions could allow an authenticated local attacker to cause denial-of-service (DoS) conditions by executing the CLI command to dump system logs on an affected device. CVE-2023-37925 – An improper privilege management vulnerability in the debug CLI command of some firewall and AP versions could allow an authenticated local attacker to access system files on an affected device.
Zyxel fixed tens of flaws in Firewalls, Access Points, and NAS devices
CVE-2023-37926 – A buffer overflow vulnerability in some firewall versions could allow an authenticated local attacker to cause denial-of-service (DoS) conditions by executing the CLI command to dump system logs on an affected device. CVE-2023-37925 – An improper privilege management vulnerability in the debug CLI command of some firewall and AP versions could allow an authenticated local attacker to access system files on an affected device.
See 13 more articles and social media posts

CVSS V3.1

Attack Vector:Network
Attack Complexity:Low
Privileges Required:None
User Interaction:None
Scope:Unchanged
Confidentiality:None
Integrity:None
Availability Impact:High

Categories

Be the first to know about critical vulnerabilities

Collect, analyze, and share vulnerability reports faster using AI