CVE-2023-5797
Severity Score
5.5
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
An improper privilege management vulnerability in the debug CLI command of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, VPN series firmware versions 4.30 through 5.37, NWA50AX firmware version 6.29(ABYW.2), WAC500 firmware version 6.65(ABVS.1), WAX300H firmware version 6.60(ACHF.1), and WBE660S firmware version 6.65(ACGG.1), could allow an authenticated local attacker to access the administrator’s logs on an affected device.
Una vulnerabilidad de administración de privilegios inadecuada en el comando CLI de depuración de las versiones de firmware:
serie Zyxel ATP 4.32 a 5.37,
serie USG FLEX 4.50 a 5.37,
serie USG FLEX 50(W) 4.16 a 5.37,
serie USG20(W)-VPN 4.16 a 5.37,
serie VPN 4.30 a 5.37,
NWA50AX 6.29 (ABYW.2),
WAC500 6.65 (ABVS.1),
WAX300H 6.60 (ACHF.1) y
WBE660S 6.65 ( ACGG.1),.
Podría permitir que un atacante local autenticado acceda a los registros del administrador en un dispositivo afectado.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2023-10-26 CVE Reserved
- 2023-11-28 CVE Published
- 2023-11-28 EPSS Updated
- 2024-08-02 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-269: Improper Privilege Management
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Zyxel Search vendor "Zyxel" | Zld Search vendor "Zyxel" for product "Zld" | >= 4.32 <= 5.37 Search vendor "Zyxel" for product "Zld" and version " >= 4.32 <= 5.37" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Atp100 Search vendor "Zyxel" for product "Atp100" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Zld Search vendor "Zyxel" for product "Zld" | >= 4.32 <= 5.37 Search vendor "Zyxel" for product "Zld" and version " >= 4.32 <= 5.37" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Atp100w Search vendor "Zyxel" for product "Atp100w" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Zld Search vendor "Zyxel" for product "Zld" | >= 4.32 <= 5.37 Search vendor "Zyxel" for product "Zld" and version " >= 4.32 <= 5.37" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Atp200 Search vendor "Zyxel" for product "Atp200" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Zld Search vendor "Zyxel" for product "Zld" | >= 4.32 <= 5.37 Search vendor "Zyxel" for product "Zld" and version " >= 4.32 <= 5.37" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Atp500 Search vendor "Zyxel" for product "Atp500" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Zld Search vendor "Zyxel" for product "Zld" | >= 4.32 <= 5.37 Search vendor "Zyxel" for product "Zld" and version " >= 4.32 <= 5.37" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Atp700 Search vendor "Zyxel" for product "Atp700" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Zld Search vendor "Zyxel" for product "Zld" | >= 4.32 <= 5.37 Search vendor "Zyxel" for product "Zld" and version " >= 4.32 <= 5.37" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Atp800 Search vendor "Zyxel" for product "Atp800" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Zld Search vendor "Zyxel" for product "Zld" | >= 4.50 <= 5.37 Search vendor "Zyxel" for product "Zld" and version " >= 4.50 <= 5.37" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Usg Flex 100 Search vendor "Zyxel" for product "Usg Flex 100" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Zld Search vendor "Zyxel" for product "Zld" | >= 4.50 <= 5.37 Search vendor "Zyxel" for product "Zld" and version " >= 4.50 <= 5.37" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Usg Flex 100w Search vendor "Zyxel" for product "Usg Flex 100w" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Zld Search vendor "Zyxel" for product "Zld" | >= 4.50 <= 5.37 Search vendor "Zyxel" for product "Zld" and version " >= 4.50 <= 5.37" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Usg Flex 200 Search vendor "Zyxel" for product "Usg Flex 200" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Zld Search vendor "Zyxel" for product "Zld" | >= 4.50 <= 5.37 Search vendor "Zyxel" for product "Zld" and version " >= 4.50 <= 5.37" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Usg Flex 50 Search vendor "Zyxel" for product "Usg Flex 50" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Zld Search vendor "Zyxel" for product "Zld" | >= 4.50 <= 5.37 Search vendor "Zyxel" for product "Zld" and version " >= 4.50 <= 5.37" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Usg Flex 500 Search vendor "Zyxel" for product "Usg Flex 500" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Zld Search vendor "Zyxel" for product "Zld" | >= 4.50 <= 5.37 Search vendor "Zyxel" for product "Zld" and version " >= 4.50 <= 5.37" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Usg Flex 50w Search vendor "Zyxel" for product "Usg Flex 50w" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Zld Search vendor "Zyxel" for product "Zld" | >= 4.50 <= 5.37 Search vendor "Zyxel" for product "Zld" and version " >= 4.50 <= 5.37" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Usg Flex 700 Search vendor "Zyxel" for product "Usg Flex 700" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Zld Search vendor "Zyxel" for product "Zld" | >= 4.16 <= 5.37 Search vendor "Zyxel" for product "Zld" and version " >= 4.16 <= 5.37" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Usg 20w-vpn Search vendor "Zyxel" for product "Usg 20w-vpn" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Zld Search vendor "Zyxel" for product "Zld" | >= 4.16 <= 5.37 Search vendor "Zyxel" for product "Zld" and version " >= 4.16 <= 5.37" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Vpn50w Search vendor "Zyxel" for product "Vpn50w" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Zld Search vendor "Zyxel" for product "Zld" | >= 4.30 <= 5.37 Search vendor "Zyxel" for product "Zld" and version " >= 4.30 <= 5.37" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Vpn100 Search vendor "Zyxel" for product "Vpn100" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Zld Search vendor "Zyxel" for product "Zld" | >= 4.30 <= 5.37 Search vendor "Zyxel" for product "Zld" and version " >= 4.30 <= 5.37" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Vpn1000 Search vendor "Zyxel" for product "Vpn1000" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Zld Search vendor "Zyxel" for product "Zld" | >= 4.30 <= 5.37 Search vendor "Zyxel" for product "Zld" and version " >= 4.30 <= 5.37" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Vpn300 Search vendor "Zyxel" for product "Vpn300" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Zld Search vendor "Zyxel" for product "Zld" | >= 4.30 <= 5.37 Search vendor "Zyxel" for product "Zld" and version " >= 4.30 <= 5.37" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Vpn50 Search vendor "Zyxel" for product "Vpn50" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Nwa110ax Firmware Search vendor "Zyxel" for product "Nwa110ax Firmware" | < 6.70\(abtg.0\) Search vendor "Zyxel" for product "Nwa110ax Firmware" and version " < 6.70\(abtg.0\)" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Nwa110ax Search vendor "Zyxel" for product "Nwa110ax" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Nwa1123acv3 Firmware Search vendor "Zyxel" for product "Nwa1123acv3 Firmware" | < 6.70\(abvt.0\) Search vendor "Zyxel" for product "Nwa1123acv3 Firmware" and version " < 6.70\(abvt.0\)" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Nwa1123acv3 Search vendor "Zyxel" for product "Nwa1123acv3" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Nwa210ax Firmware Search vendor "Zyxel" for product "Nwa210ax Firmware" | < 6.70\(abtd.0\) Search vendor "Zyxel" for product "Nwa210ax Firmware" and version " < 6.70\(abtd.0\)" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Nwa210ax Search vendor "Zyxel" for product "Nwa210ax" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Nwa220ax-6e Firmware Search vendor "Zyxel" for product "Nwa220ax-6e Firmware" | < 6.70\(acco.0\) Search vendor "Zyxel" for product "Nwa220ax-6e Firmware" and version " < 6.70\(acco.0\)" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Nwa220ax-6e Search vendor "Zyxel" for product "Nwa220ax-6e" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Nwa50ax Firmware Search vendor "Zyxel" for product "Nwa50ax Firmware" | < 6.80\(abyw.0\) Search vendor "Zyxel" for product "Nwa50ax Firmware" and version " < 6.80\(abyw.0\)" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Nwa50ax Search vendor "Zyxel" for product "Nwa50ax" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Nwa50ax-pro Firmware Search vendor "Zyxel" for product "Nwa50ax-pro Firmware" | < 6.80\(acge.0\) Search vendor "Zyxel" for product "Nwa50ax-pro Firmware" and version " < 6.80\(acge.0\)" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Nwa50ax-pro Search vendor "Zyxel" for product "Nwa50ax-pro" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Nwa55axe Firmware Search vendor "Zyxel" for product "Nwa55axe Firmware" | < 6.80\(abzl.0\) Search vendor "Zyxel" for product "Nwa55axe Firmware" and version " < 6.80\(abzl.0\)" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Nwa55axe Search vendor "Zyxel" for product "Nwa55axe" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Nwa90ax Firmware Search vendor "Zyxel" for product "Nwa90ax Firmware" | < 6.80\(accv.0\) Search vendor "Zyxel" for product "Nwa90ax Firmware" and version " < 6.80\(accv.0\)" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Nwa90ax Search vendor "Zyxel" for product "Nwa90ax" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Nwa90ax-pro Firmware Search vendor "Zyxel" for product "Nwa90ax-pro Firmware" | < 6.80\(acgf.0\) Search vendor "Zyxel" for product "Nwa90ax-pro Firmware" and version " < 6.80\(acgf.0\)" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Nwa90ax-pro Search vendor "Zyxel" for product "Nwa90ax-pro" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Wac500 Firmware Search vendor "Zyxel" for product "Wac500 Firmware" | < 6.70\(abvs.0\) Search vendor "Zyxel" for product "Wac500 Firmware" and version " < 6.70\(abvs.0\)" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Wac500 Search vendor "Zyxel" for product "Wac500" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Wac500h Firmware Search vendor "Zyxel" for product "Wac500h Firmware" | < 6.70\(abwa.0\) Search vendor "Zyxel" for product "Wac500h Firmware" and version " < 6.70\(abwa.0\)" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Wac500h Search vendor "Zyxel" for product "Wac500h" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Wax510d Firmware Search vendor "Zyxel" for product "Wax510d Firmware" | < 6.70\(abtf.0\) Search vendor "Zyxel" for product "Wax510d Firmware" and version " < 6.70\(abtf.0\)" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Wax510d Search vendor "Zyxel" for product "Wax510d" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Wax610d Firmware Search vendor "Zyxel" for product "Wax610d Firmware" | < 6.70\(abte.0\) Search vendor "Zyxel" for product "Wax610d Firmware" and version " < 6.70\(abte.0\)" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Wax610d Search vendor "Zyxel" for product "Wax610d" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Wax620d-6e Firmware Search vendor "Zyxel" for product "Wax620d-6e Firmware" | < 6.70\(accn.0\) Search vendor "Zyxel" for product "Wax620d-6e Firmware" and version " < 6.70\(accn.0\)" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Wax620d-6e Search vendor "Zyxel" for product "Wax620d-6e" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Wax630s Firmware Search vendor "Zyxel" for product "Wax630s Firmware" | < 6.70\(abzd.0\) Search vendor "Zyxel" for product "Wax630s Firmware" and version " < 6.70\(abzd.0\)" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Wax630s Search vendor "Zyxel" for product "Wax630s" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Wax640s-6e Firmware Search vendor "Zyxel" for product "Wax640s-6e Firmware" | < 6.70\(accm.0\) Search vendor "Zyxel" for product "Wax640s-6e Firmware" and version " < 6.70\(accm.0\)" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Wax640s-6e Search vendor "Zyxel" for product "Wax640s-6e" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Wax650s Firmware Search vendor "Zyxel" for product "Wax650s Firmware" | < 6.70\(abrm.0\) Search vendor "Zyxel" for product "Wax650s Firmware" and version " < 6.70\(abrm.0\)" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Wax650s Search vendor "Zyxel" for product "Wax650s" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Wax655e Firmware Search vendor "Zyxel" for product "Wax655e Firmware" | < 6.70\(acdo.0\) Search vendor "Zyxel" for product "Wax655e Firmware" and version " < 6.70\(acdo.0\)" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Wax655e Search vendor "Zyxel" for product "Wax655e" | - | - |
Safe
|
| Zyxel Search vendor "Zyxel" | Wbe660s Firmware Search vendor "Zyxel" for product "Wbe660s Firmware" | < 6.70\(acgg.0\) Search vendor "Zyxel" for product "Wbe660s Firmware" and version " < 6.70\(acgg.0\)" | - |
Affected
| in | Zyxel Search vendor "Zyxel" | Wbe660s Search vendor "Zyxel" for product "Wbe660s" | - | - |
Safe
|