Zyxel Releases Security Updates

Security updates address vulnerabilities in Zyxel routers and switches

Threat ID:: CC-4330
Threat Severity:: Information only
Published:: 7 June 2023 3:22 PM

Report a cyber attack: call 0300 303 5222 or email [email protected]

Summary

Security updates address vulnerabilities in Zyxel routers and switches

Affected platforms

The following platforms are known to be affected:

Zyxel 4G LTE Router

LTE7480-M804: V1.00(ABRA.6)C0 and earlier
LTE7490-M904: V1.00(ABQY.5)C0 and earlier

Zyxel 5G NR

NR7101: V1.00(ABUV.7)C0 and earlier
Nebula NR7101: V1.15(ACCC.3)C0 and earlier

Zyxel GS1900 Series Switch

GS1900-8: V2.70(AAHH.3)
GS1900-8HP: V2.70(AAHI.3)
GS1900-10HP: V2.70(AAZI.3)
GS1900-16: V2.70(AAHJ.3)
GS1900-24: V2.70(AAHL.3)
GS1900-24E: V2.70(AAHK.3)
GS1900-24EP: V2.70(ABTO.3)
GS1900-24HPv2: V2.70(ABTP.3)
GS1900-48: V2.70(AAHN.3)
GS1900-48HPv2: V2.70(ABTQ.3)

Threat details

Introduction

Zyxel has released security updates to address vulnerabilities in 4G LTE routers, 5G NR outdoor routers and GS1900 series switches.

In the first security advisory, a buffer overflow vulnerability in the CGI program of some Zyxel 4G LTE and 5G NR outdoor routers could allow a remote authenticated attacker to cause denial-of-service conditions by sending a specially crafted HTTP request to a vulnerable device.

In the second security advisory, a privilege escalation vulnerability in the Zyxel GS1900 series switches could allow a local authenticated attacker with administrator privileges to execute some system commands as the root user on a vulnerable device.

Remediation advice

Affected organisations are encouraged to review Zyxel's security advisories and apply the relevant updates.

Remediation steps

Type	Step
Patch	Zyxel security advisory for buffer overflow vulnerability in 4G LTE and 5G NR outdoor routers https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-buffer-overflow-vulnerability-in-4g-lte-and-5g-nr-outdoor-routers
Patch	Zyxel security advisory for privilege escalation vulnerability in GS1900 series switches https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-privilege-escalation-vulnerability-in-gs1900-series-switches

Definitive source of threat updates

CVE Vulnerabilities

Status Published

CVE-2023-27989

A buffer overflow vulnerability in the CGI program of the Zyxel NR7101 firmware versions prior to V1.00(ABUV.8)C0 could allow a remote authenticated attacker to cause denial of service (DoS) conditions by sending a crafted HTTP request to a vulnerable device.

Status Published

CVE-2022-45853

The privilege escalation vulnerability in the Zyxel GS1900-8 firmware version V2.70(AAHH.3) and the GS1900-8HP firmware version V2.70(AAHI.3) could allow an authenticated, local attacker with administrator privileges to execute some system commands as 'root' on a vulnerable device via SSH.

Last edited: 7 June 2023 3:22 pm