Zyxel Releases Patches for Critical Flaws in Firewall & VPN Devices

  • Written by Shipra Sanganeria Cybersecurity & Tech Writer

Zyxel Networks announced the release of updates for two critical security vulnerabilities impacting its firewall and VPN products. The two flaws could give threat actors admin-level access to vulnerable devices.

The Zyxel security advisory notes that both flaws (CVE-2023-33009 and CVE-2023-33010) are buffer overflow vulnerabilities and have been given scores of 9.8 out of 10 by CVSS (a scoring system that provides a qualitative measure of vulnerability).

A buffer overflow attack enables threat actors to remotely control affected devices by manipulating system memory. The attacker can overwrite the data (memory) of an application and change its execution path, thus gaining unauthorized access to private data. Generally, this attack results in network interruptions and system crashes, and can sometimes also lead to the creation of programs that run infinitely.

The two issues cited by Zyxel are:

  • CVE-2023-33009 – In some of the products, the buffer overflow vulnerability in the notification function could allow an unauthenticated attacker to cause a denial-of-service (DoS) condition and remote code execution.
  • CVE-2023-33010 – In some product versions, a buffer overflow vulnerability in the ID processing function could allow an unauthenticated attacker to cause a denial-of-service (DoS) condition and remote code execution.

Following its investigation, Zyxel noted that the following firewall series and versions were impacted:

  • ATP Versions ZLD V4.32 to V5.36 Patch 1 (repaired in ZLD V5.36 Patch 2)
  • USG FLEX Versions ZLD V4.50 to V5.36 Patch 1 (repaired in ZLD V5.36 Patch 2)
  • USG FLEX50(W) / USG20(W)-VPN Versions ZLD V4.25 to V5.36 Patch 1 (repaired in ZLD V5.36 Patch 2)
  • VPN Versions ZLD V4.30 to V5.36 Patch 1 (repaired in ZLD V5.36 Patch 2)
  • ZyWALL/USG Versions ZLD V4.25 to V4.73 Patch 1 (repaired in ZLD V4.73 Patch 2)
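
For administrators who need to check a device inventory against the list above, the following is an added example, not code from Zyxel or from the original article. It assumes firmware versions are recorded in the article's "ZLD V5.36 Patch 1" notation; the host names and inventory entries are constructed.

```python
import re

# Affected ranges from the article's list: series -> (first affected, fixed in)
AFFECTED = {
    "ATP": ("V4.32", "V5.36 Patch 2"),
    "USG FLEX": ("V4.50", "V5.36 Patch 2"),
    "USG FLEX50(W) / USG20(W)-VPN": ("V4.25", "V5.36 Patch 2"),
    "VPN": ("V4.30", "V5.36 Patch 2"),
    "ZyWALL/USG": ("V4.25", "V4.73 Patch 2"),
}

# Assumed notation: "ZLD V5.36 Patch 1"; the "ZLD" prefix and patch level are optional.
_ZLD = re.compile(r"^\s*(?:ZLD\s+)?V(\d+)\.(\d+)(?:\s+Patch\s*(\d+))?\s*$", re.I)

def parse_zld(text):
    """Return (major, minor, patch); a version without a patch level is patch 0."""
    m = _ZLD.match(text)
    if m is None:
        raise ValueError(f"unrecognised ZLD version: {text!r}")
    return int(m.group(1)), int(m.group(2)), int(m.group(3) or 0)

def check(series, version):
    """Classify one device; returns (status, version_to_install_or_None)."""
    if series not in AFFECTED:
        return ("unknown-series", None)
    first, fixed = AFFECTED[series]
    try:
        v = parse_zld(version)
    except ValueError:
        return ("unparsed", fixed)          # cannot tell: flag for manual review
    if v >= parse_zld(fixed):
        return ("fixed", None)
    if v < parse_zld(first):
        return ("older-than-listed", None)  # the article gives no verdict for these
    return ("affected", fixed)

# Constructed inventory: (host, series, recorded firmware version)
INVENTORY = [
    ("fw-branch-01", "ATP", "ZLD V5.36 Patch 1"),
    ("fw-branch-02", "USG FLEX", "ZLD V5.36 Patch 2"),
    ("fw-hq-01", "ZyWALL/USG", "V4.73"),
    ("vpn-lab-01", "VPN", "V4.29"),
    ("fw-legacy-01", "ATP", "5.36p1"),
]

def triage(inventory):
    """Return the hosts that need action or manual review, with the reason."""
    return [(host, *check(series, ver)) for host, series, ver in inventory
            if check(series, ver)[0] != "fixed"]

if __name__ == "__main__":
    for host, status, target in triage(INVENTORY):
        print(f"{host:14} {status:18} install: {target or '-'}")
```

Versions older than the listed range and strings that cannot be parsed are reported rather than treated as safe, since the list above does not cover them.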

The company has recommended that its users install the updated security patches to avoid attacks. On its Support Campus, Zyxel has also provided step-by-step instructions for its affected VPN partners.

These products are generally used by small and mid-sized businesses, as well as home and remote workers, to protect and secure their networks. Threat actors are always on the lookout for such vulnerabilities, so it is essential that users and system administrators secure their networks with these firmware patches as quickly as possible.

Zero-Day Vulnerability in Barracuda ESG Exploited by Unknown Threat Actors

  • Written by Shipra Sanganeria Cybersecurity & Tech Writer

Data protection and network security solution provider Barracuda Networks announced that its Email Security Gateway (ESG) appliances were compromised due to a zero-day vulnerability.

Barracuda, a US-based cybersecurity company, is one of the leading email security providers, with customers ranging from medium to large-scale organizations, including Mitsubishi, Carrefour and Tupperware, among others.

In the announcement, the company did not disclose the number of Email Gateway customers affected by the breach, nor any possible damage to its other products and services. “No other Barracuda products, including our SaaS email security services, were subject to this vulnerability,” stated Barracuda.

The vulnerability, which was discovered on May 19, has been identified as CVE-2023-2868 and was found in a module which initially scans incoming email attachments. On discovery, the company immediately rolled out security solutions in two batches. On May 20, the first security patch was applied to all ESG appliances worldwide, and on May 21, as part of its “containment strategy”, Barracuda applied a second patch to all appliances.

Barracuda’s current investigation showed that the vulnerability was exploited by unknown threat actors and “resulted in unauthorized access to a subset of email gateway appliances”.

The customers who were affected by this breach were notified through the company’s ESG appliance about the necessary steps to take. As the investigation was limited to Barracuda’s ESG product and not to any client’s internal network, the company stated that affected customers should investigate their specific networks for any possible impact and take remedial actions as necessary.

Barracuda announced that it would continue to monitor this situation. In addition to direct outreach to its customers, information about the updates would also be available through the company’s product status page and Trust Center.