Zyxel OS Command Injection Vulnerability - 20230501004

Overview

Zyxel has released patches for an OS command injection vulnerability found by TRAPA Security and urges uses to install them for optimal protection.

What is the vulnerability?

Improper error message handling in some firewall versions could allow an unauthenticated attacker to execute some OS commands remotely by sending crafted packets to an affected device.

What is vulnerable?

The vulnerability affects the following products:

• https://www.cve.org/CVERecord?id=CVE-2023-28771

What has been observed?

There is no evidence of exploitation affecting Western Australian Government networks at the time of publishing

Recommendation

The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices:

• https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-remote-command-injection-vulnerability-of-firewalls

Additional References

• https://www.cve.org/CVERecord?id=CVE-2023-28771
• https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-remote-command-injection-vulnerability-of-firewalls