![]() Open an internet browser and go to URL: and login to your account. This will sync necessary info with the myZyxel server (info like running firmware version, MAC Address, S/N, etc.). This must be done before you can access your myZyxel account to download new firmware patches. Login to your ZLD appliance and go to Configuration → Licensing → Registration → Service and click the Service License Refresh button. ZyWALL/USG versions ZLD V4.25 to V4.73 Patch 1 are covered by ZLD V4.73 Patch 2.VPN versions ZLD V4.30 to V5.36 Patch 1 are covered by ZLD V5.36 Patch 2.USG FLEX50(W) / USG20(W)-VPN versions ZLD V4.25 to V5.36 Patch 1 are covered by ZLD V5.36 Patch 2.USG FLEX versions ZLD V4.50 to V5.36 Patch 1 are covered by ZLD V5.36 Patch 2.ATP versions ZLD V4.32 to V5.36 Patch 1 are covered by ZLD V5.36 Patch 2.The security advisory lists the vulnerable firewall series that are within their vulnerability support period: In case that isn't enough reason for you to act urgently, it is worth remembering that it only took four days for the first active exploitation to take place after Zyxel patched CVE-2022-30525 last year. The CVEs patched in these updates are:ĬVE-2023-33009: A buffer overflow vulnerability in the notification function in Zyxel ATP series firmware versions 4.32 through 5.36 Patch 1, USG FLEX series firmware versions 4.50 through 5.36 Patch 1, USG FLEX 50(W) firmware versions 4.25 through 5.36 Patch 1, USG20(W)-VPN firmware versions 4.25 through 5.36 Patch 1, VPN series firmware versions 4.30 through 5.36 Patch 1, ZyWALL/USG series firmware versions 4.25 through 4.73 Patch 1.ĬVE-2023-33010: Another buffer overflow vulnerability in the ID processing function in the same Zyxel firmware versions.Ī buffer overflow is a type of software vulnerability that exists when an area of memory within a software application reaches its address boundary and writes into an adjacent memory region.īoth vulnerabilities received a CVSS score of 9.8 out of 10. ![]() The Common Vulnerabilities and Exposures (CVE) database lists publicly disclosed computer security flaws. Exploitation of these vulnerabilities could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and even a remote code execution on the affected Zyxell firewalls.Īffected users should patch as a matter of urgency, and we urge you not to expose the management interfaces of network edge devices to the Internet, in order to reduce their attack surface. If you have Malwarebytes, update from within the app as there's no point in downloading the program to update your currently installed Malwarebytes.Zyxell has released a security advisory for multiple buffer overflow vulnerabilities. The download might be behind, but the program will auto-update. MajorGeeks posts the latest version available to us per Malwarebytes. ![]() Reduced utilization of system resources.A totally revamped GUI that supports DPI scaling for improved quality for hi-res displays.What's the Best Antivirus and Is Windows Defender Good Enough?.Which Anti-Malware App Is Best and Can It Run Alongside My Antivirus.What Happened to the Malwarebytes Offline Database?.Find out why IT experts, businesses, and technical support centers worldwide include Malwarebytes in their arsenal when fixing and defending their machines. With over 16 million downloads at MajorGeeks alone, Malwarebytes is one of the top-downloaded files of all time. ![]()
0 Comments
Leave a Reply. |