CVE-2023-33010: Zyxel Multiple Firewalls Buffer Overflow Vulnerability
First published: Wed May 24 2023(Updated: )
A buffer overflow vulnerability in the ID processing function in Zyxel ATP series firmware versions 4.32 through 5.36 Patch 1, USG FLEX series firmware versions 4.50 through 5.36 Patch 1, USG FLEX 50(W) firmware versions 4.25 through 5.36 Patch 1, USG20(W)-VPN firmware versions 4.25 through 5.36 Patch 1, VPN series firmware versions 4.30 through 5.36 Patch 1, ZyWALL/USG series firmware versions 4.25 through 4.73 Patch 1, could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and even a remote code execution on an affected device.
Credit: security@zyxel.com.tw security@zyxel.com.tw
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Zyxel Multiple Firewalls | ||
| All of | ||
| Any of | ||
| Zyxel ATP100 Firmware | >=4.32<5.36 | |
| Zyxel ATP100 Firmware | =5.36 | |
| Zyxel ATP100 Firmware | =5.36-patch1 | |
| Zyxel ATP100 Firmware | ||
| All of | ||
| Any of | ||
| Zyxel ATP200 firmware | >=4.32<5.36 | |
| Zyxel ATP200 firmware | =5.36 | |
| Zyxel ATP200 firmware | =5.36-patch1 | |
| Zyxel ATP200 firmware | ||
| All of | ||
| Any of | ||
| Zyxel ATP500 Firmware | >=4.32<5.36 | |
| Zyxel ATP500 Firmware | =5.36 | |
| Zyxel ATP500 Firmware | =5.36-patch1 | |
| Zyxel ATP500 Firmware | ||
| All of | ||
| Any of | ||
| Zyxel ATP100W Firmware | >=4.32<5.36 | |
| Zyxel ATP100W Firmware | =5.36 | |
| Zyxel ATP100W Firmware | =5.36-patch1 | |
| Zyxel ATP100W Firmware | ||
| All of | ||
| Any of | ||
| Zyxel ATP700 Firmware | >=4.32<5.36 | |
| Zyxel ATP700 Firmware | =5.36 | |
| Zyxel ATP700 Firmware | =5.36-patch1 | |
| Zyxel ATP700 Firmware | ||
| All of | ||
| Any of | ||
| Zyxel ATP800 | >=4.32<5.36 | |
| Zyxel ATP800 | =5.36 | |
| Zyxel ATP800 | =5.36-patch1 | |
| Zyxel ATP800 Firmware | ||
| All of | ||
| Any of | ||
| Zyxel USG Flex 100 firmware | >=4.50<5.36 | |
| Zyxel USG Flex 100 firmware | =5.36 | |
| Zyxel USG Flex 100 firmware | =5.36-patch1 | |
| Zyxel USG FLEX 100 | ||
| All of | ||
| Any of | ||
| Zyxel USG FLEX 50(W) series firmware | =5.36 | |
| Zyxel USG FLEX 50(W) series firmware | =5.36-patch1 | |
| Zyxel USG FLEX 50 | ||
| All of | ||
| Any of | ||
| Zyxel USG FLEX 200 | >=4.50<5.36 | |
| Zyxel USG FLEX 200 | =5.36 | |
| Zyxel USG FLEX 200 | =5.36-patch1 | |
| Zyxel USG FLEX 200 firmware | ||
| All of | ||
| Any of | ||
| Zyxel USG FLEX 500 | >=4.50<5.36 | |
| Zyxel USG FLEX 500 | =5.36 | |
| Zyxel USG FLEX 500 | =5.36-patch1 | |
| Zyxel USG FLEX 500 firmware | ||
| All of | ||
| Any of | ||
| Zyxel USG FLEX 700 firmware | >=4.50<5.36 | |
| Zyxel USG FLEX 700 firmware | =5.36 | |
| Zyxel USG FLEX 700 firmware | =5.36-patch1 | |
| Zyxel USG FLEX 700 firmware | ||
| All of | ||
| Any of | ||
| Zyxel USG Flex 100 firmware | >=4.50<5.36 | |
| Zyxel USG FLEX 100w firmware | =5.36 | |
| Zyxel USG FLEX 100w firmware | =5.36-patch1 | |
| Zyxel USG FLEX 100w firmware | ||
| All of | ||
| Any of | ||
| Zyxel USG FLEX 50w | >=4.25<5.36 | |
| Zyxel USG FLEX 50w | =5.36 | |
| Zyxel USG FLEX 50w | =5.36-patch1 | |
| Zyxel USG FLEX 50(W) series firmware | ||
| All of | ||
| Any of | ||
| Zyxel USG 20w-VPN Firmware | =5.36 | |
| Zyxel USG 20w-VPN Firmware | =5.36-patch1 | |
| Zyxel USG20 | ||
| All of | ||
| Any of | ||
| Zyxel VPN100 | >=4.30<5.36 | |
| Zyxel VPN100 | =5.36 | |
| Zyxel VPN100 | =5.36-patch1 | |
| Zyxel VPN100 Firmware | ||
| All of | ||
| Any of | ||
| Zyxel Zywall VPN 50 Firmware | >=4.30<5.36 | |
| Zyxel Zywall VPN 50 Firmware | =5.36 | |
| Zyxel Zywall VPN 50 Firmware | =5.36-patch1 | |
| Zyxel VPN50 Firmware | ||
| All of | ||
| Any of | ||
| Zyxel Zywall VPN 300 Firmware | >=4.30<5.36 | |
| Zyxel Zywall VPN 300 Firmware | =5.36 | |
| Zyxel Zywall VPN 300 Firmware | =5.36-patch1 | |
| Zyxel VPN300 | ||
| All of | ||
| Any of | ||
| Zyxel VPN1000 Firmware | >=4.30<5.36 | |
| Zyxel VPN1000 Firmware | =5.36 | |
| Zyxel VPN1000 Firmware | =5.36-patch1 | |
| Zyxel VPN1000 Firmware | ||
| All of | ||
| Any of | ||
| Zyxel USG20-VPN Firmware | >=4.30<5.36 | |
| Zyxel USG20-VPN Firmware | =5.36 | |
| Zyxel USG20-VPN Firmware | =5.36-patch1 | |
| Zyxel USG20 | ||
| All of | ||
| Any of | ||
| Zyxel USG 40 firmware | >=4.25<4.73 | |
| Zyxel USG 40 firmware | =4.73 | |
| Zyxel USG 40 firmware | =4.73-patch1 | |
| Zyxel USG40W | ||
| All of | ||
| Any of | ||
| Zyxel USG40W Firmware | >=4.25<4.73 | |
| Zyxel USG40W Firmware | =4.73 | |
| Zyxel USG40W Firmware | =4.73-patch1 | |
| Zyxel USG40W | ||
| All of | ||
| Any of | ||
| Zyxel USG60W Firmware | >=4.25<4.73 | |
| Zyxel USG60W Firmware | =4.73 | |
| Zyxel USG60W Firmware | =4.73-patch1 | |
| Zyxel USG 60w firmware | ||
| All of | ||
| Any of | ||
| Zyxel USG60 Firmware | >=4.25<4.73 | |
| Zyxel USG60 Firmware | =4.73 | |
| Zyxel USG60 Firmware | =4.73-patch1 | |
| Zyxel USG60W | ||
| Zyxel ATP100 Firmware | >=4.32<5.36 | |
| Zyxel ATP100 Firmware | =5.36 | |
| Zyxel ATP100 Firmware | =5.36-patch1 | |
| Zyxel ATP100 Firmware | ||
| Zyxel ATP200 firmware | >=4.32<5.36 | |
| Zyxel ATP200 firmware | =5.36 | |
| Zyxel ATP200 firmware | =5.36-patch1 | |
| Zyxel ATP200 firmware | ||
| Zyxel ATP500 Firmware | >=4.32<5.36 | |
| Zyxel ATP500 Firmware | =5.36 | |
| Zyxel ATP500 Firmware | =5.36-patch1 | |
| Zyxel ATP500 Firmware | ||
| Zyxel ATP100W Firmware | >=4.32<5.36 | |
| Zyxel ATP100W Firmware | =5.36 | |
| Zyxel ATP100W Firmware | =5.36-patch1 | |
| Zyxel ATP100W Firmware | ||
| Zyxel ATP700 Firmware | >=4.32<5.36 | |
| Zyxel ATP700 Firmware | =5.36 | |
| Zyxel ATP700 Firmware | =5.36-patch1 | |
| Zyxel ATP700 Firmware | ||
| Zyxel ATP800 | >=4.32<5.36 | |
| Zyxel ATP800 | =5.36 | |
| Zyxel ATP800 | =5.36-patch1 | |
| Zyxel ATP800 Firmware | ||
| Zyxel USG Flex 100 firmware | >=4.50<5.36 | |
| Zyxel USG Flex 100 firmware | =5.36 | |
| Zyxel USG Flex 100 firmware | =5.36-patch1 | |
| Zyxel USG FLEX 100 | ||
| Zyxel USG FLEX 50(W) series firmware | =5.36 | |
| Zyxel USG FLEX 50(W) series firmware | =5.36-patch1 | |
| Zyxel USG FLEX 50 | ||
| Zyxel USG FLEX 200 | >=4.50<5.36 | |
| Zyxel USG FLEX 200 | =5.36 | |
| Zyxel USG FLEX 200 | =5.36-patch1 | |
| Zyxel USG FLEX 200 firmware | ||
| Zyxel USG FLEX 500 | >=4.50<5.36 | |
| Zyxel USG FLEX 500 | =5.36 | |
| Zyxel USG FLEX 500 | =5.36-patch1 | |
| Zyxel USG FLEX 500 firmware | ||
| Zyxel USG FLEX 700 firmware | >=4.50<5.36 | |
| Zyxel USG FLEX 700 firmware | =5.36 | |
| Zyxel USG FLEX 700 firmware | =5.36-patch1 | |
| Zyxel USG FLEX 700 firmware | ||
| Zyxel USG FLEX 100w firmware | =5.36 | |
| Zyxel USG FLEX 100w firmware | =5.36-patch1 | |
| Zyxel USG FLEX 100w firmware | ||
| Zyxel USG FLEX 50w | >=4.25<5.36 | |
| Zyxel USG FLEX 50w | =5.36 | |
| Zyxel USG FLEX 50w | =5.36-patch1 | |
| Zyxel USG FLEX 50(W) series firmware | ||
| Zyxel USG 20w-VPN Firmware | =5.36 | |
| Zyxel USG 20w-VPN Firmware | =5.36-patch1 | |
| Zyxel USG20 | ||
| Zyxel VPN100 | >=4.30<5.36 | |
| Zyxel VPN100 | =5.36 | |
| Zyxel VPN100 | =5.36-patch1 | |
| Zyxel VPN100 Firmware | ||
| Zyxel Zywall VPN 50 Firmware | >=4.30<5.36 | |
| Zyxel Zywall VPN 50 Firmware | =5.36 | |
| Zyxel Zywall VPN 50 Firmware | =5.36-patch1 | |
| Zyxel VPN50 Firmware | ||
| Zyxel Zywall VPN 300 Firmware | >=4.30<5.36 | |
| Zyxel Zywall VPN 300 Firmware | =5.36 | |
| Zyxel Zywall VPN 300 Firmware | =5.36-patch1 | |
| Zyxel VPN300 | ||
| Zyxel VPN1000 Firmware | >=4.30<5.36 | |
| Zyxel VPN1000 Firmware | =5.36 | |
| Zyxel VPN1000 Firmware | =5.36-patch1 | |
| Zyxel VPN1000 Firmware | ||
| Zyxel USG20-VPN Firmware | >=4.30<5.36 | |
| Zyxel USG20-VPN Firmware | =5.36 | |
| Zyxel USG20-VPN Firmware | =5.36-patch1 | |
| Zyxel USG20 | ||
| Zyxel USG 40 firmware | >=4.25<4.73 | |
| Zyxel USG 40 firmware | =4.73 | |
| Zyxel USG 40 firmware | =4.73-patch1 | |
| Zyxel USG40W | ||
| Zyxel USG40W Firmware | >=4.25<4.73 | |
| Zyxel USG40W Firmware | =4.73 | |
| Zyxel USG40W Firmware | =4.73-patch1 | |
| Zyxel USG40W | ||
| Zyxel USG60W Firmware | >=4.25<4.73 | |
| Zyxel USG60W Firmware | =4.73 | |
| Zyxel USG60W Firmware | =4.73-patch1 | |
| Zyxel USG 60w firmware | ||
| Zyxel USG60 Firmware | >=4.25<4.73 | |
| Zyxel USG60 Firmware | =4.73 | |
| Zyxel USG60 Firmware | =4.73-patch1 | |
| Zyxel USG60W |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-buffer-overflow-vulnerabilities-of-firewalls
- https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-buffer-overflow-vulnerabilities-of-firewalls;
- https://nvd.nist.gov/vuln/detail/CVE-2023-33010
Frequently Asked Questions
What is CVE-2023-33010?
CVE-2023-33010 is a buffer overflow vulnerability in the ID processing function in Zyxel ATP series firmware versions 4.32 through 5.36 Patch 1, USG FLEX series firmware versions 4.50 through 5.36 Patch 1, USG FLEX 50(W) firmware versions 4.25 through 5.36 Patch 1, USG20(W)-VPN firmware versions 4.25 through 5.36 Patch 1.
How does CVE-2023-33010 affect Zyxel Multiple Firewalls?
CVE-2023-33010 affects Zyxel Multiple Firewalls by exploiting a buffer overflow vulnerability in the ID processing function.
What is the severity of CVE-2023-33010?
The severity of CVE-2023-33010 is not mentioned in the available information.
How can I fix CVE-2023-33010?
To fix CVE-2023-33010, it is recommended to apply the latest firmware updates provided by Zyxel.
Where can I find more information about CVE-2023-33010?
You can find more information about CVE-2023-33010 in the Zyxel security advisory for multiple buffer overflow vulnerabilities of firewalls.
- collector/nvd-latest
- agent/type
- agent/title
- agent/weakness
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/first-publish-date
- exploited/true
- collector/cisa-known-exploited
- source/CISA
- agent/software-canonical-lookup
- agent/references
- agent/author
- agent/event
- agent/source
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- collector/nvd-cve
- source/NVD
- agent/software-canonical-lookup-request
- collector/nvd-api
- collector/nvd-index
- vendor/zyxel
- canonical/zyxel multiple firewalls
- canonical/zyxel atp100 firmware
- version/zyxel atp100 firmware/4.32
- version/zyxel atp100 firmware/5.36
- version/zyxel atp100 firmware/5.36-patch1
- canonical/zyxel atp200 firmware
- version/zyxel atp200 firmware/4.32
- version/zyxel atp200 firmware/5.36
- version/zyxel atp200 firmware/5.36-patch1
- canonical/zyxel atp500 firmware
- version/zyxel atp500 firmware/4.32
- version/zyxel atp500 firmware/5.36
- version/zyxel atp500 firmware/5.36-patch1
- canonical/zyxel atp100w firmware
- version/zyxel atp100w firmware/4.32
- version/zyxel atp100w firmware/5.36
- version/zyxel atp100w firmware/5.36-patch1
- canonical/zyxel atp700 firmware
- version/zyxel atp700 firmware/4.32
- version/zyxel atp700 firmware/5.36
- version/zyxel atp700 firmware/5.36-patch1
- canonical/zyxel atp800
- version/zyxel atp800/4.32
- version/zyxel atp800/5.36
- version/zyxel atp800/5.36-patch1
- canonical/zyxel atp800 firmware
- canonical/zyxel usg flex 100 firmware
- version/zyxel usg flex 100 firmware/4.50
- version/zyxel usg flex 100 firmware/5.36
- version/zyxel usg flex 100 firmware/5.36-patch1
- canonical/zyxel usg flex 100
- canonical/zyxel usg flex 50(w) series firmware
- version/zyxel usg flex 50(w) series firmware/5.36
- version/zyxel usg flex 50(w) series firmware/5.36-patch1
- canonical/zyxel usg flex 50
- canonical/zyxel usg flex 200
- version/zyxel usg flex 200/4.50
- version/zyxel usg flex 200/5.36
- version/zyxel usg flex 200/5.36-patch1
- canonical/zyxel usg flex 200 firmware
- canonical/zyxel usg flex 500
- version/zyxel usg flex 500/4.50
- version/zyxel usg flex 500/5.36
- version/zyxel usg flex 500/5.36-patch1
- canonical/zyxel usg flex 500 firmware
- canonical/zyxel usg flex 700 firmware
- version/zyxel usg flex 700 firmware/4.50
- version/zyxel usg flex 700 firmware/5.36
- version/zyxel usg flex 700 firmware/5.36-patch1
- canonical/zyxel usg flex 100w firmware
- version/zyxel usg flex 100w firmware/5.36
- version/zyxel usg flex 100w firmware/5.36-patch1
- canonical/zyxel usg flex 50w
- version/zyxel usg flex 50w/4.25
- version/zyxel usg flex 50w/5.36
- version/zyxel usg flex 50w/5.36-patch1
- canonical/zyxel usg 20w-vpn firmware
- version/zyxel usg 20w-vpn firmware/5.36
- version/zyxel usg 20w-vpn firmware/5.36-patch1
- canonical/zyxel usg20
- canonical/zyxel vpn100
- version/zyxel vpn100/4.30
- version/zyxel vpn100/5.36
- version/zyxel vpn100/5.36-patch1
- canonical/zyxel vpn100 firmware
- canonical/zyxel zywall vpn 50 firmware
- version/zyxel zywall vpn 50 firmware/4.30
- version/zyxel zywall vpn 50 firmware/5.36
- version/zyxel zywall vpn 50 firmware/5.36-patch1
- canonical/zyxel vpn50 firmware
- canonical/zyxel zywall vpn 300 firmware
- version/zyxel zywall vpn 300 firmware/4.30
- version/zyxel zywall vpn 300 firmware/5.36
- version/zyxel zywall vpn 300 firmware/5.36-patch1
- canonical/zyxel vpn300
- canonical/zyxel vpn1000 firmware
- version/zyxel vpn1000 firmware/4.30
- version/zyxel vpn1000 firmware/5.36
- version/zyxel vpn1000 firmware/5.36-patch1
- canonical/zyxel usg20-vpn firmware
- version/zyxel usg20-vpn firmware/4.30
- version/zyxel usg20-vpn firmware/5.36
- version/zyxel usg20-vpn firmware/5.36-patch1
- canonical/zyxel usg 40 firmware
- version/zyxel usg 40 firmware/4.25
- version/zyxel usg 40 firmware/4.73
- version/zyxel usg 40 firmware/4.73-patch1
- canonical/zyxel usg40w
- canonical/zyxel usg40w firmware
- version/zyxel usg40w firmware/4.25
- version/zyxel usg40w firmware/4.73
- version/zyxel usg40w firmware/4.73-patch1
- canonical/zyxel usg60w firmware
- version/zyxel usg60w firmware/4.25
- version/zyxel usg60w firmware/4.73
- version/zyxel usg60w firmware/4.73-patch1
- canonical/zyxel usg 60w firmware
- canonical/zyxel usg60 firmware
- version/zyxel usg60 firmware/4.25
- version/zyxel usg60 firmware/4.73
- version/zyxel usg60 firmware/4.73-patch1
- canonical/zyxel usg60w