CVE-2023-28768

Severity Score

6.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

Improper frame handling in the Zyxel XGS2220-30 firmware version V4.80(ABXN.1), XMG1930-30 firmware version V4.80(ACAR.1), and XS1930-10 firmware version V4.80(ABQE.1) could allow an unauthenticated LAN-based attacker to cause denial-of-service (DoS) conditions by sending crafted frames to an affected switch.

El manejo inadecuado de tramas en el firmware Zyxel XGS2220-30 versión V4.80(ABXN.1), firmware XMG1930-30 versión V4.80(ACAR.1), y firmware XS1930-10 versión V4.80(ABQE.1) podría permitir a un atacante no autenticado basado en LAN provocar condiciones de denegación de servicio (DoS) enviando tramas manipuladas a un conmutador afectado.

*Credits: N/A

CVSS Scores

Zyxel Corporationv3.1 6.5

Attack Vector

Adjacent

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2023-03-23 CVE Reserved
2023-08-14 CVE Published
2023-08-15 EPSS Updated
2024-10-01 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-755: Improper Handling of Exceptional Conditions

CAPEC

References (1)

URL	Tag	Source

URL	Date	SRC

URL	Date	SRC
https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-dos-vulnerability-of-xgs2220-xmg1930-and-xs1930-series-switches	2023-08-21

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Zyxel Search vendor "Zyxel"	Xgs2220-30 Firmware Search vendor "Zyxel" for product "Xgs2220-30 Firmware"	4.80\(abxn.1\) Search vendor "Zyxel" for product "Xgs2220-30 Firmware" and version "4.80\(abxn.1\)"	-	Affected	in	Zyxel Search vendor "Zyxel"	Xgs2220-30 Search vendor "Zyxel" for product "Xgs2220-30"	-	-	Safe
Zyxel Search vendor "Zyxel"	Xgs2220-30f Firmware Search vendor "Zyxel" for product "Xgs2220-30f Firmware"	4.80\(abye.1\) Search vendor "Zyxel" for product "Xgs2220-30f Firmware" and version "4.80\(abye.1\)"	-	Affected	in	Zyxel Search vendor "Zyxel"	Xgs2220-30f Search vendor "Zyxel" for product "Xgs2220-30f"	-	-	Safe
Zyxel Search vendor "Zyxel"	Xgs2220-30hp Firmware Search vendor "Zyxel" for product "Xgs2220-30hp Firmware"	4.80\(abxo.1\) Search vendor "Zyxel" for product "Xgs2220-30hp Firmware" and version "4.80\(abxo.1\)"	-	Affected	in	Zyxel Search vendor "Zyxel"	Xgs2220-30hp Search vendor "Zyxel" for product "Xgs2220-30hp"	-	-	Safe
Zyxel Search vendor "Zyxel"	Xgs2220-54 Firmware Search vendor "Zyxel" for product "Xgs2220-54 Firmware"	4.80\(abxp.1\) Search vendor "Zyxel" for product "Xgs2220-54 Firmware" and version "4.80\(abxp.1\)"	-	Affected	in	Zyxel Search vendor "Zyxel"	Xgs2220-54 Search vendor "Zyxel" for product "Xgs2220-54"	-	-	Safe
Zyxel Search vendor "Zyxel"	Xgs2220-54fp Firmware Search vendor "Zyxel" for product "Xgs2220-54fp Firmware"	4.80\(acce.1\) Search vendor "Zyxel" for product "Xgs2220-54fp Firmware" and version "4.80\(acce.1\)"	-	Affected	in	Zyxel Search vendor "Zyxel"	Xgs2220-54fp Search vendor "Zyxel" for product "Xgs2220-54fp"	-	-	Safe
Zyxel Search vendor "Zyxel"	Xgs2220-54hp Firmware Search vendor "Zyxel" for product "Xgs2220-54hp Firmware"	4.80\(abxq.1\) Search vendor "Zyxel" for product "Xgs2220-54hp Firmware" and version "4.80\(abxq.1\)"	-	Affected	in	Zyxel Search vendor "Zyxel"	Xgs2220-54hp Search vendor "Zyxel" for product "Xgs2220-54hp"	-	-	Safe
Zyxel Search vendor "Zyxel"	Xmg1930-30 Firmware Search vendor "Zyxel" for product "Xmg1930-30 Firmware"	4.80\(acar.1\) Search vendor "Zyxel" for product "Xmg1930-30 Firmware" and version "4.80\(acar.1\)"	-	Affected	in	Zyxel Search vendor "Zyxel"	Xmg1930-30 Search vendor "Zyxel" for product "Xmg1930-30"	-	-	Safe
Zyxel Search vendor "Zyxel"	Xmg1930-30hp Firmware Search vendor "Zyxel" for product "Xmg1930-30hp Firmware"	4.80\(acas.1\) Search vendor "Zyxel" for product "Xmg1930-30hp Firmware" and version "4.80\(acas.1\)"	-	Affected	in	Zyxel Search vendor "Zyxel"	Xmg1930-30hp Search vendor "Zyxel" for product "Xmg1930-30hp"	-	-	Safe
Zyxel Search vendor "Zyxel"	Xs1930-10 Firmware Search vendor "Zyxel" for product "Xs1930-10 Firmware"	4.80\(abqe.1\) Search vendor "Zyxel" for product "Xs1930-10 Firmware" and version "4.80\(abqe.1\)"	-	Affected	in	Zyxel Search vendor "Zyxel"	Xs1930-10 Search vendor "Zyxel" for product "Xs1930-10"	-	-	Safe
Zyxel Search vendor "Zyxel"	Xs1930-12f Firmware Search vendor "Zyxel" for product "Xs1930-12f Firmware"	4.80\(abzv.1\) Search vendor "Zyxel" for product "Xs1930-12f Firmware" and version "4.80\(abzv.1\)"	-	Affected	in	Zyxel Search vendor "Zyxel"	Xs1930-12f Search vendor "Zyxel" for product "Xs1930-12f"	-	-	Safe
Zyxel Search vendor "Zyxel"	Xs1930-12hp Firmware Search vendor "Zyxel" for product "Xs1930-12hp Firmware"	4.80\(abqf.1\) Search vendor "Zyxel" for product "Xs1930-12hp Firmware" and version "4.80\(abqf.1\)"	-	Affected	in	Zyxel Search vendor "Zyxel"	Xs1930-12hp Search vendor "Zyxel" for product "Xs1930-12hp"	-	-	Safe