Advisory Published
Updated

CVE-2018-9129

First published: Wed Aug 15 2018(Updated: )

ZyXEL ZyWALL/USG series devices have a Bleichenbacher vulnerability in their Internet Key Exchange (IKE) handshake implementation used for IPsec based VPN connections.

Credit: cve@mitre.org

Affected SoftwareAffected VersionHow to fix
Zyxel Zywall 110 Firmware
Zyxel Zywall 110
Zyxel Zywall 1100 Firmware
Zyxel Zywall 1100
Zyxel Zywall 310 Firmware
Zyxel Zywall 310
Zyxel Zywall Vpn 50 Firmware
Zyxel Zywall Vpn 50
Zyxel Zywall Vpn 100 Firmware
Zyxel Zywall Vpn 100
Zyxel Zywall Vpn 300 Firmware
Zyxel Zywall Vpn 300
Zyxel Usg 20w Firmware
Zyxel Usg 20w
Zyxel Usg 40 Firmware
Zyxel Usg 40
Zyxel Usg 40w Firmware
Zyxel Usg 40w
Zyxel Usg 60 Firmware
Zyxel Usg 60
Zyxel Usg 60w Firmware
Zyxel Usg 60w
Zyxel Usg 110 Firmware
Zyxel Usg 110
Zyxel Usg 2200-vpn Firmware
Zyxel Usg 2200-vpn
Zyxel Usg 310 Firmware
Zyxel Usg 310
Zyxel Usg 1100 Firmware
Zyxel Usg 1100
Zyxel Usg 1900 Firmware
Zyxel Usg 1900
Zyxel Usg 20w-vpn Firmware
Zyxel Usg 20w-vpn

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Frequently Asked Questions

  • What is CVE-2018-9129?

    CVE-2018-9129 is a vulnerability in the Internet Key Exchange (IKE) handshake implementation used for IPsec based VPN connections in ZyXEL ZyWALL/USG series devices.

  • Which ZyXEL devices are affected by CVE-2018-9129?

    ZyXEL ZyWALL/USG series devices such as Zyxel Zywall 110, Zyxel Zywall 1100, Zyxel Zywall 310, Zyxel Zywall Vpn 50, Zyxel Zywall Vpn 100, Zyxel Zywall Vpn 300, Zyxel Usg 20w, Zyxel Usg 40, Zyxel Usg 40w, Zyxel Usg 60, Zyxel Usg 60w, Zyxel Usg 110, Zyxel Usg 2200-vpn, Zyxel Usg 310, Zyxel Usg 1100, Zyxel Usg 1900, and Zyxel Usg 20w-vpn are affected by CVE-2018-9129.

  • Are the ZyXEL devices with CVE-2018-9129 vulnerability still vulnerable?

    No, the ZyXEL devices mentioned in the previous question have been marked as not vulnerable to CVE-2018-9129.

  • What is the severity of CVE-2018-9129?

    CVE-2018-9129 has a severity rating of 5.9, which is considered medium.

  • How can I fix the CVE-2018-9129 vulnerability in ZyXEL devices?

    To fix the CVE-2018-9129 vulnerability, it is recommended to update the firmware of your ZyXEL ZyWALL/USG series device to the latest version provided by ZyXEL.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203