CVE-2023-22917
Severity Score
7.5
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
A buffer overflow vulnerability in the “sdwan_iface_ipc” binary of Zyxel ATP series firmware versions 5.10 through 5.32, USG FLEX series firmware versions 5.00 through 5.32, USG FLEX 50(W) firmware versions 5.10 through 5.32, USG20(W)-VPN firmware versions 5.10 through 5.32, and VPN series firmware versions 5.00 through 5.35, which could allow a remote unauthenticated attacker to cause a core dump with a request error message on a vulnerable device by uploading a crafted configuration file.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2023-01-10 CVE Reserved
- 2023-04-24 CVE Published
- 2024-08-02 CVE Updated
- 2024-11-14 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Zyxel Search vendor "Zyxel" | Usg Flex 100 Firmware Search vendor "Zyxel" for product "Usg Flex 100 Firmware" | >= 5.00 <= 5.32 Search vendor "Zyxel" for product "Usg Flex 100 Firmware" and version " >= 5.00 <= 5.32" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Usg Flex 100 Search vendor "Zyxel" for product "Usg Flex 100" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Usg Flex 100w Firmware Search vendor "Zyxel" for product "Usg Flex 100w Firmware" | >= 5.00 <= 5.32 Search vendor "Zyxel" for product "Usg Flex 100w Firmware" and version " >= 5.00 <= 5.32" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Usg Flex 100w Search vendor "Zyxel" for product "Usg Flex 100w" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Usg Flex 200 Firmware Search vendor "Zyxel" for product "Usg Flex 200 Firmware" | >= 5.00 <= 5.32 Search vendor "Zyxel" for product "Usg Flex 200 Firmware" and version " >= 5.00 <= 5.32" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Usg Flex 200 Search vendor "Zyxel" for product "Usg Flex 200" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Usg Flex 50 Firmware Search vendor "Zyxel" for product "Usg Flex 50 Firmware" | >= 5.00 <= 5.32 Search vendor "Zyxel" for product "Usg Flex 50 Firmware" and version " >= 5.00 <= 5.32" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Usg Flex 50 Search vendor "Zyxel" for product "Usg Flex 50" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Usg Flex 50w Firmware Search vendor "Zyxel" for product "Usg Flex 50w Firmware" | >= 5.10 <= 5.32 Search vendor "Zyxel" for product "Usg Flex 50w Firmware" and version " >= 5.10 <= 5.32" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Usg Flex 50w Search vendor "Zyxel" for product "Usg Flex 50w" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Usg Flex 500 Firmware Search vendor "Zyxel" for product "Usg Flex 500 Firmware" | >= 5.00 <= 5.32 Search vendor "Zyxel" for product "Usg Flex 500 Firmware" and version " >= 5.00 <= 5.32" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Usg Flex 500 Search vendor "Zyxel" for product "Usg Flex 500" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Usg Flex 700 Firmware Search vendor "Zyxel" for product "Usg Flex 700 Firmware" | >= 5.00 <= 5.32 Search vendor "Zyxel" for product "Usg Flex 700 Firmware" and version " >= 5.00 <= 5.32" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Usg Flex 700 Search vendor "Zyxel" for product "Usg Flex 700" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Vpn100 Firmware Search vendor "Zyxel" for product "Vpn100 Firmware" | >= 5.00 <= 5.35 Search vendor "Zyxel" for product "Vpn100 Firmware" and version " >= 5.00 <= 5.35" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Vpn100 Search vendor "Zyxel" for product "Vpn100" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Vpn1000 Firmware Search vendor "Zyxel" for product "Vpn1000 Firmware" | >= 5.00 <= 5.35 Search vendor "Zyxel" for product "Vpn1000 Firmware" and version " >= 5.00 <= 5.35" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Vpn1000 Search vendor "Zyxel" for product "Vpn1000" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Vpn300 Firmware Search vendor "Zyxel" for product "Vpn300 Firmware" | >= 5.00 <= 5.35 Search vendor "Zyxel" for product "Vpn300 Firmware" and version " >= 5.00 <= 5.35" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Vpn300 Search vendor "Zyxel" for product "Vpn300" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Vpn50 Firmware Search vendor "Zyxel" for product "Vpn50 Firmware" | >= 5.00 <= 5.35 Search vendor "Zyxel" for product "Vpn50 Firmware" and version " >= 5.00 <= 5.35" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Vpn50 Search vendor "Zyxel" for product "Vpn50" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Usg 20w-vpn Firmware Search vendor "Zyxel" for product "Usg 20w-vpn Firmware" | >= 5.10 <= 5.32 Search vendor "Zyxel" for product "Usg 20w-vpn Firmware" and version " >= 5.10 <= 5.32" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Usg 20w-vpn Search vendor "Zyxel" for product "Usg 20w-vpn" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Atp100 Firmware Search vendor "Zyxel" for product "Atp100 Firmware" | >= 5.10 <= 5.32 Search vendor "Zyxel" for product "Atp100 Firmware" and version " >= 5.10 <= 5.32" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Atp100 Search vendor "Zyxel" for product "Atp100" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Atp100w Firmware Search vendor "Zyxel" for product "Atp100w Firmware" | >= 5.10 <= 5.32 Search vendor "Zyxel" for product "Atp100w Firmware" and version " >= 5.10 <= 5.32" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Atp100w Search vendor "Zyxel" for product "Atp100w" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Atp200 Firmware Search vendor "Zyxel" for product "Atp200 Firmware" | >= 5.10 <= 5.32 Search vendor "Zyxel" for product "Atp200 Firmware" and version " >= 5.10 <= 5.32" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Atp200 Search vendor "Zyxel" for product "Atp200" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Atp500 Firmware Search vendor "Zyxel" for product "Atp500 Firmware" | >= 5.10 <= 5.32 Search vendor "Zyxel" for product "Atp500 Firmware" and version " >= 5.10 <= 5.32" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Atp500 Search vendor "Zyxel" for product "Atp500" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Atp700 Firmware Search vendor "Zyxel" for product "Atp700 Firmware" | >= 5.10 <= 5.32 Search vendor "Zyxel" for product "Atp700 Firmware" and version " >= 5.10 <= 5.32" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Atp700 Search vendor "Zyxel" for product "Atp700" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Atp800 Firmware Search vendor "Zyxel" for product "Atp800 Firmware" | >= 5.10 <= 5.32 Search vendor "Zyxel" for product "Atp800 Firmware" and version " >= 5.10 <= 5.32" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Atp800 Search vendor "Zyxel" for product "Atp800" | - | - |
Safe
|