FeedlyFeedly
CVEsCVEs
Threat IntelligenceThreat Intelligence
Threat IntelligenceThreat Intelligence
Log in
ChangelogChangelog
ChangelogChangelog
Log in
Log in
Start Free Trial
Start Free Trial
FeedlyFeedly
CVEsCVEs
Threat IntelligenceThreat Intelligence
Threat IntelligenceThreat Intelligence
Log in
ChangelogChangelog
ChangelogChangelog
Log in
Log in
Start Free Trial
Start Free Trial

CVE-2023-5960

Improper Privilege Management (CWE-269)

Published: Nov 28, 2023 / Updated: 11mo ago

010
CVSS 5.5EPSS 0.04%Medium
CVE info copied to clipboard

An improper privilege management vulnerability in the hotspot feature of the Zyxel USG FLEX series firmware versions 4.50 through 5.37 and VPN series firmware versions 4.30 through 5.37 could allow an authenticated local attacker to access the system files on an affected device.

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Timeline

First Article

Feedly found the first article mentioning CVE-2023-5960. See article

Nov 28, 2023 at 5:13 AM / Vulners.com RSS Feed
CVSS Estimate

Feedly estimated the CVSS score as HIGH

Nov 28, 2023 at 5:13 AM
Detection in Vulnerability Scanners

Detection for the vulnerability has been added to Nessus (186482)

Nov 30, 2023 at 12:15 PM
EPSS

EPSS Score was set to: 0.04% (Percentile: 5.7%)

Nov 30, 2023 at 3:27 PM
Static CVE Timeline Graph

Affected Systems

Zyxel/zld
+null more

Patches

www.zyxel.com
+null more

Links to Mitre Att&cks

T1548: Abuse Elevation Control Mechanism
+null more

Attack Patterns

CAPEC-122: Privilege Abuse
+null more

References

Zyxel security advisory for multiple vulnerabilities in firewalls and APs
Zyxel – Leader in Secure, AI-Powered Cloud Networking Solutions / 11mo
CVE-2023-37926 A buffer overflow vulnerability in some firewall versions could allow an authenticated local attacker to cause denial-of-service (DoS) conditions by executing the CLI command to dump system logs on an affected device. CVE-2023-37925 An improper privilege management vulnerability in the debug CLI command of some firewall and AP versions could allow an authenticated local attacker to access system files on an affected device.

News

Zyxel fixed tens of flaws in Firewalls, Access Points, and NAS devices
Cyber Security News - The Reddit of Infosec / 11mo
CVE-2023-37926 – A buffer overflow vulnerability in some firewall versions could allow an authenticated local attacker to cause denial-of-service (DoS) conditions by executing the CLI command to dump system logs on an affected device. CVE-2023-37925 – An improper privilege management vulnerability in the debug CLI command of some firewall and AP versions could allow an authenticated local attacker to access system files on an affected device.
Zyxel fixed tens of flaws in Firewalls, Access Points, and NAS devices – Source: securityaffairs.com
CISO2CISO.COM & CYBER SECURITY GROUP / 11mo
CVE-2023-37926 – A buffer overflow vulnerability in some firewall versions could allow an authenticated local attacker to cause denial-of-service (DoS) conditions by executing the CLI command to dump system logs on an affected device. CVE-2023-37925 – An improper privilege management vulnerability in the debug CLI command of some firewall and AP versions could allow an authenticated local attacker to access system files on an affected device.
Zyxel fixed tens of flaws in Firewalls, Access Points, and NAS devices
unSafe.sh - 不安全 / 11mo
CVE-2023-37926 – A buffer overflow vulnerability in some firewall versions could allow an authenticated local attacker to cause denial-of-service (DoS) conditions by executing the CLI command to dump system logs on an affected device. CVE-2023-37925 – An improper privilege management vulnerability in the debug CLI command of some firewall and AP versions could allow an authenticated local attacker to access system files on an affected device.
Zyxel fixed tens of flaws in Firewalls, Access Points, and NAS devices
unSafe.sh - 不安全 / 11mo
CVE-2023-37926 – A buffer overflow vulnerability in some firewall versions could allow an authenticated local attacker to cause denial-of-service (DoS) conditions by executing the CLI command to dump system logs on an affected device. CVE-2023-37925 – An improper privilege management vulnerability in the debug CLI command of some firewall and AP versions could allow an authenticated local attacker to access system files on an affected device.
Zyxel fixed tens of flaws in Firewalls, Access Points, and NAS devices
IT Security News / 11mo
Zyxel addressed tens of vulnerabilities that expose users to cyber attacks, including command injection and authentication bypass. Taiwanese vendor Zyxel addressed tens of vulnerabilities in its firewalls and access points. The addressed issues are tracked as CVE-2023-35136, CVE-2023-35139, CVE-2023-37925, CVE-2023-37926, CVE-2023-4397, CVE-2023-4398, CVE-2023-5650, CVE-2023-5797, CVE-2023-5960. Threat actors can exploit the vulnerabilities to steal cookies, access configuration files, carry out command injection and denial-of-service […] This article has been indexed from Security Affairs Read the original article: Zyxel fixed tens of flaws in Firewalls, Access Points, and NAS devices
See 11 more articles and social media posts

CVSS V3.1

Attack Vector:Local
Attack Complexity:Low
Privileges Required:Low
User Interaction:None
Scope:Unchanged
Confidentiality:High
Integrity:None
Availability Impact:None

Categories

CVSS 5.5(34617)CWE-269(2761)Zyxel(259)

Be the first to know about critical vulnerabilities

Collect, analyze, and share vulnerability reports faster using AI

Feedly Threat Intelligence30-day free trial