// For flags

CVE-2023-5797

 

Severity Score

5.5
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

An improper privilege management vulnerability in the debug CLI command of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, VPN series firmware versions 4.30 through 5.37, NWA50AX firmware version 6.29(ABYW.2), WAC500 firmware version 6.65(ABVS.1), WAX300H firmware version 6.60(ACHF.1), and WBE660S firmware version 6.65(ACGG.1), could allow an authenticated local attacker to access the administrator’s logs on an affected device.

Una vulnerabilidad de administración de privilegios inadecuada en el comando CLI de depuración de las versiones de firmware:
serie Zyxel ATP 4.32 a 5.37,
serie USG FLEX 4.50 a 5.37,
serie USG FLEX 50(W) 4.16 a 5.37,
serie USG20(W)-VPN 4.16 a 5.37,
serie VPN 4.30 a 5.37,
NWA50AX 6.29 (ABYW.2),
WAC500 6.65 (ABVS.1),
WAX300H 6.60 (ACHF.1) y
WBE660S 6.65 ( ACGG.1),.
Podría permitir que un atacante local autenticado acceda a los registros del administrador en un dispositivo afectado.

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2023-10-26 CVE Reserved
  • 2023-11-28 CVE Published
  • 2023-11-28 EPSS Updated
  • 2024-08-02 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-269: Improper Privilege Management
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Zyxel
Search vendor "Zyxel"
Zld
Search vendor "Zyxel" for product "Zld"
>= 4.32 <= 5.37
Search vendor "Zyxel" for product "Zld" and version " >= 4.32 <= 5.37"
-
Affected
in Zyxel
Search vendor "Zyxel"
Atp100
Search vendor "Zyxel" for product "Atp100"
--
Safe
Zyxel
Search vendor "Zyxel"
Zld
Search vendor "Zyxel" for product "Zld"
>= 4.32 <= 5.37
Search vendor "Zyxel" for product "Zld" and version " >= 4.32 <= 5.37"
-
Affected
in Zyxel
Search vendor "Zyxel"
Atp100w
Search vendor "Zyxel" for product "Atp100w"
--
Safe
Zyxel
Search vendor "Zyxel"
Zld
Search vendor "Zyxel" for product "Zld"
>= 4.32 <= 5.37
Search vendor "Zyxel" for product "Zld" and version " >= 4.32 <= 5.37"
-
Affected
in Zyxel
Search vendor "Zyxel"
Atp200
Search vendor "Zyxel" for product "Atp200"
--
Safe
Zyxel
Search vendor "Zyxel"
Zld
Search vendor "Zyxel" for product "Zld"
>= 4.32 <= 5.37
Search vendor "Zyxel" for product "Zld" and version " >= 4.32 <= 5.37"
-
Affected
in Zyxel
Search vendor "Zyxel"
Atp500
Search vendor "Zyxel" for product "Atp500"
--
Safe
Zyxel
Search vendor "Zyxel"
Zld
Search vendor "Zyxel" for product "Zld"
>= 4.32 <= 5.37
Search vendor "Zyxel" for product "Zld" and version " >= 4.32 <= 5.37"
-
Affected
in Zyxel
Search vendor "Zyxel"
Atp700
Search vendor "Zyxel" for product "Atp700"
--
Safe
Zyxel
Search vendor "Zyxel"
Zld
Search vendor "Zyxel" for product "Zld"
>= 4.32 <= 5.37
Search vendor "Zyxel" for product "Zld" and version " >= 4.32 <= 5.37"
-
Affected
in Zyxel
Search vendor "Zyxel"
Atp800
Search vendor "Zyxel" for product "Atp800"
--
Safe
Zyxel
Search vendor "Zyxel"
Zld
Search vendor "Zyxel" for product "Zld"
>= 4.50 <= 5.37
Search vendor "Zyxel" for product "Zld" and version " >= 4.50 <= 5.37"
-
Affected
in Zyxel
Search vendor "Zyxel"
Usg Flex 100
Search vendor "Zyxel" for product "Usg Flex 100"
--
Safe
Zyxel
Search vendor "Zyxel"
Zld
Search vendor "Zyxel" for product "Zld"
>= 4.50 <= 5.37
Search vendor "Zyxel" for product "Zld" and version " >= 4.50 <= 5.37"
-
Affected
in Zyxel
Search vendor "Zyxel"
Usg Flex 100w
Search vendor "Zyxel" for product "Usg Flex 100w"
--
Safe
Zyxel
Search vendor "Zyxel"
Zld
Search vendor "Zyxel" for product "Zld"
>= 4.50 <= 5.37
Search vendor "Zyxel" for product "Zld" and version " >= 4.50 <= 5.37"
-
Affected
in Zyxel
Search vendor "Zyxel"
Usg Flex 200
Search vendor "Zyxel" for product "Usg Flex 200"
--
Safe
Zyxel
Search vendor "Zyxel"
Zld
Search vendor "Zyxel" for product "Zld"
>= 4.50 <= 5.37
Search vendor "Zyxel" for product "Zld" and version " >= 4.50 <= 5.37"
-
Affected
in Zyxel
Search vendor "Zyxel"
Usg Flex 50
Search vendor "Zyxel" for product "Usg Flex 50"
--
Safe
Zyxel
Search vendor "Zyxel"
Zld
Search vendor "Zyxel" for product "Zld"
>= 4.50 <= 5.37
Search vendor "Zyxel" for product "Zld" and version " >= 4.50 <= 5.37"
-
Affected
in Zyxel
Search vendor "Zyxel"
Usg Flex 500
Search vendor "Zyxel" for product "Usg Flex 500"
--
Safe
Zyxel
Search vendor "Zyxel"
Zld
Search vendor "Zyxel" for product "Zld"
>= 4.50 <= 5.37
Search vendor "Zyxel" for product "Zld" and version " >= 4.50 <= 5.37"
-
Affected
in Zyxel
Search vendor "Zyxel"
Usg Flex 50w
Search vendor "Zyxel" for product "Usg Flex 50w"
--
Safe
Zyxel
Search vendor "Zyxel"
Zld
Search vendor "Zyxel" for product "Zld"
>= 4.50 <= 5.37
Search vendor "Zyxel" for product "Zld" and version " >= 4.50 <= 5.37"
-
Affected
in Zyxel
Search vendor "Zyxel"
Usg Flex 700
Search vendor "Zyxel" for product "Usg Flex 700"
--
Safe
Zyxel
Search vendor "Zyxel"
Zld
Search vendor "Zyxel" for product "Zld"
>= 4.16 <= 5.37
Search vendor "Zyxel" for product "Zld" and version " >= 4.16 <= 5.37"
-
Affected
in Zyxel
Search vendor "Zyxel"
Usg 20w-vpn
Search vendor "Zyxel" for product "Usg 20w-vpn"
--
Safe
Zyxel
Search vendor "Zyxel"
Zld
Search vendor "Zyxel" for product "Zld"
>= 4.16 <= 5.37
Search vendor "Zyxel" for product "Zld" and version " >= 4.16 <= 5.37"
-
Affected
in Zyxel
Search vendor "Zyxel"
Vpn50w
Search vendor "Zyxel" for product "Vpn50w"
--
Safe
Zyxel
Search vendor "Zyxel"
Zld
Search vendor "Zyxel" for product "Zld"
>= 4.30 <= 5.37
Search vendor "Zyxel" for product "Zld" and version " >= 4.30 <= 5.37"
-
Affected
in Zyxel
Search vendor "Zyxel"
Vpn100
Search vendor "Zyxel" for product "Vpn100"
--
Safe
Zyxel
Search vendor "Zyxel"
Zld
Search vendor "Zyxel" for product "Zld"
>= 4.30 <= 5.37
Search vendor "Zyxel" for product "Zld" and version " >= 4.30 <= 5.37"
-
Affected
in Zyxel
Search vendor "Zyxel"
Vpn1000
Search vendor "Zyxel" for product "Vpn1000"
--
Safe
Zyxel
Search vendor "Zyxel"
Zld
Search vendor "Zyxel" for product "Zld"
>= 4.30 <= 5.37
Search vendor "Zyxel" for product "Zld" and version " >= 4.30 <= 5.37"
-
Affected
in Zyxel
Search vendor "Zyxel"
Vpn300
Search vendor "Zyxel" for product "Vpn300"
--
Safe
Zyxel
Search vendor "Zyxel"
Zld
Search vendor "Zyxel" for product "Zld"
>= 4.30 <= 5.37
Search vendor "Zyxel" for product "Zld" and version " >= 4.30 <= 5.37"
-
Affected
in Zyxel
Search vendor "Zyxel"
Vpn50
Search vendor "Zyxel" for product "Vpn50"
--
Safe
Zyxel
Search vendor "Zyxel"
Nwa110ax Firmware
Search vendor "Zyxel" for product "Nwa110ax Firmware"
< 6.70\(abtg.0\)
Search vendor "Zyxel" for product "Nwa110ax Firmware" and version " < 6.70\(abtg.0\)"
-
Affected
in Zyxel
Search vendor "Zyxel"
Nwa110ax
Search vendor "Zyxel" for product "Nwa110ax"
--
Safe
Zyxel
Search vendor "Zyxel"
Nwa1123acv3 Firmware
Search vendor "Zyxel" for product "Nwa1123acv3 Firmware"
< 6.70\(abvt.0\)
Search vendor "Zyxel" for product "Nwa1123acv3 Firmware" and version " < 6.70\(abvt.0\)"
-
Affected
in Zyxel
Search vendor "Zyxel"
Nwa1123acv3
Search vendor "Zyxel" for product "Nwa1123acv3"
--
Safe
Zyxel
Search vendor "Zyxel"
Nwa210ax Firmware
Search vendor "Zyxel" for product "Nwa210ax Firmware"
< 6.70\(abtd.0\)
Search vendor "Zyxel" for product "Nwa210ax Firmware" and version " < 6.70\(abtd.0\)"
-
Affected
in Zyxel
Search vendor "Zyxel"
Nwa210ax
Search vendor "Zyxel" for product "Nwa210ax"
--
Safe
Zyxel
Search vendor "Zyxel"
Nwa220ax-6e Firmware
Search vendor "Zyxel" for product "Nwa220ax-6e Firmware"
< 6.70\(acco.0\)
Search vendor "Zyxel" for product "Nwa220ax-6e Firmware" and version " < 6.70\(acco.0\)"
-
Affected
in Zyxel
Search vendor "Zyxel"
Nwa220ax-6e
Search vendor "Zyxel" for product "Nwa220ax-6e"
--
Safe
Zyxel
Search vendor "Zyxel"
Nwa50ax Firmware
Search vendor "Zyxel" for product "Nwa50ax Firmware"
< 6.80\(abyw.0\)
Search vendor "Zyxel" for product "Nwa50ax Firmware" and version " < 6.80\(abyw.0\)"
-
Affected
in Zyxel
Search vendor "Zyxel"
Nwa50ax
Search vendor "Zyxel" for product "Nwa50ax"
--
Safe
Zyxel
Search vendor "Zyxel"
Nwa50ax-pro Firmware
Search vendor "Zyxel" for product "Nwa50ax-pro Firmware"
< 6.80\(acge.0\)
Search vendor "Zyxel" for product "Nwa50ax-pro Firmware" and version " < 6.80\(acge.0\)"
-
Affected
in Zyxel
Search vendor "Zyxel"
Nwa50ax-pro
Search vendor "Zyxel" for product "Nwa50ax-pro"
--
Safe
Zyxel
Search vendor "Zyxel"
Nwa55axe Firmware
Search vendor "Zyxel" for product "Nwa55axe Firmware"
< 6.80\(abzl.0\)
Search vendor "Zyxel" for product "Nwa55axe Firmware" and version " < 6.80\(abzl.0\)"
-
Affected
in Zyxel
Search vendor "Zyxel"
Nwa55axe
Search vendor "Zyxel" for product "Nwa55axe"
--
Safe
Zyxel
Search vendor "Zyxel"
Nwa90ax Firmware
Search vendor "Zyxel" for product "Nwa90ax Firmware"
< 6.80\(accv.0\)
Search vendor "Zyxel" for product "Nwa90ax Firmware" and version " < 6.80\(accv.0\)"
-
Affected
in Zyxel
Search vendor "Zyxel"
Nwa90ax
Search vendor "Zyxel" for product "Nwa90ax"
--
Safe
Zyxel
Search vendor "Zyxel"
Nwa90ax-pro Firmware
Search vendor "Zyxel" for product "Nwa90ax-pro Firmware"
< 6.80\(acgf.0\)
Search vendor "Zyxel" for product "Nwa90ax-pro Firmware" and version " < 6.80\(acgf.0\)"
-
Affected
in Zyxel
Search vendor "Zyxel"
Nwa90ax-pro
Search vendor "Zyxel" for product "Nwa90ax-pro"
--
Safe
Zyxel
Search vendor "Zyxel"
Wac500 Firmware
Search vendor "Zyxel" for product "Wac500 Firmware"
< 6.70\(abvs.0\)
Search vendor "Zyxel" for product "Wac500 Firmware" and version " < 6.70\(abvs.0\)"
-
Affected
in Zyxel
Search vendor "Zyxel"
Wac500
Search vendor "Zyxel" for product "Wac500"
--
Safe
Zyxel
Search vendor "Zyxel"
Wac500h Firmware
Search vendor "Zyxel" for product "Wac500h Firmware"
< 6.70\(abwa.0\)
Search vendor "Zyxel" for product "Wac500h Firmware" and version " < 6.70\(abwa.0\)"
-
Affected
in Zyxel
Search vendor "Zyxel"
Wac500h
Search vendor "Zyxel" for product "Wac500h"
--
Safe
Zyxel
Search vendor "Zyxel"
Wax510d Firmware
Search vendor "Zyxel" for product "Wax510d Firmware"
< 6.70\(abtf.0\)
Search vendor "Zyxel" for product "Wax510d Firmware" and version " < 6.70\(abtf.0\)"
-
Affected
in Zyxel
Search vendor "Zyxel"
Wax510d
Search vendor "Zyxel" for product "Wax510d"
--
Safe
Zyxel
Search vendor "Zyxel"
Wax610d Firmware
Search vendor "Zyxel" for product "Wax610d Firmware"
< 6.70\(abte.0\)
Search vendor "Zyxel" for product "Wax610d Firmware" and version " < 6.70\(abte.0\)"
-
Affected
in Zyxel
Search vendor "Zyxel"
Wax610d
Search vendor "Zyxel" for product "Wax610d"
--
Safe
Zyxel
Search vendor "Zyxel"
Wax620d-6e Firmware
Search vendor "Zyxel" for product "Wax620d-6e Firmware"
< 6.70\(accn.0\)
Search vendor "Zyxel" for product "Wax620d-6e Firmware" and version " < 6.70\(accn.0\)"
-
Affected
in Zyxel
Search vendor "Zyxel"
Wax620d-6e
Search vendor "Zyxel" for product "Wax620d-6e"
--
Safe
Zyxel
Search vendor "Zyxel"
Wax630s Firmware
Search vendor "Zyxel" for product "Wax630s Firmware"
< 6.70\(abzd.0\)
Search vendor "Zyxel" for product "Wax630s Firmware" and version " < 6.70\(abzd.0\)"
-
Affected
in Zyxel
Search vendor "Zyxel"
Wax630s
Search vendor "Zyxel" for product "Wax630s"
--
Safe
Zyxel
Search vendor "Zyxel"
Wax640s-6e Firmware
Search vendor "Zyxel" for product "Wax640s-6e Firmware"
< 6.70\(accm.0\)
Search vendor "Zyxel" for product "Wax640s-6e Firmware" and version " < 6.70\(accm.0\)"
-
Affected
in Zyxel
Search vendor "Zyxel"
Wax640s-6e
Search vendor "Zyxel" for product "Wax640s-6e"
--
Safe
Zyxel
Search vendor "Zyxel"
Wax650s Firmware
Search vendor "Zyxel" for product "Wax650s Firmware"
< 6.70\(abrm.0\)
Search vendor "Zyxel" for product "Wax650s Firmware" and version " < 6.70\(abrm.0\)"
-
Affected
in Zyxel
Search vendor "Zyxel"
Wax650s
Search vendor "Zyxel" for product "Wax650s"
--
Safe
Zyxel
Search vendor "Zyxel"
Wax655e Firmware
Search vendor "Zyxel" for product "Wax655e Firmware"
< 6.70\(acdo.0\)
Search vendor "Zyxel" for product "Wax655e Firmware" and version " < 6.70\(acdo.0\)"
-
Affected
in Zyxel
Search vendor "Zyxel"
Wax655e
Search vendor "Zyxel" for product "Wax655e"
--
Safe
Zyxel
Search vendor "Zyxel"
Wbe660s Firmware
Search vendor "Zyxel" for product "Wbe660s Firmware"
< 6.70\(acgg.0\)
Search vendor "Zyxel" for product "Wbe660s Firmware" and version " < 6.70\(acgg.0\)"
-
Affected
in Zyxel
Search vendor "Zyxel"
Wbe660s
Search vendor "Zyxel" for product "Wbe660s"
--
Safe