CVE-2023-37925

28.11.2023, 02:15

An improper privilege management vulnerability in the debug CLI command of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, VPN series firmware versions 4.30 through 5.37, NWA50AX firmware version 6.29(ABYW.2), WAC500 firmware version 6.65(ABVS.1), WAX300H firmware version 6.60(ACHF.1), and WBE660S firmware version 6.65(ACGG.1), could allow an authenticated local attacker to access system files on an affected device.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	5.5 MEDIUM	LOCAL	LOW	LOW	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Zyxel	CNA	5.5 MEDIUM	LOCAL	LOW	LOW	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 22%

Vendor	Product	Version
zyxel	zld	4.32 ≤ 𝑥 ≤ 5.37
zyxel	zld	4.50 ≤ 𝑥 ≤ 5.37
zyxel	zld	4.16 ≤ 𝑥 ≤ 5.37
zyxel	zld	4.30 ≤ 𝑥 ≤ 5.37
zyxel	nwa110ax_firmware	𝑥 < 6.70\(abtg.0\)
zyxel	nwa1123acv3_firmware	𝑥 < 6.70\(abvt.0\)
zyxel	nwa210ax_firmware	𝑥 < 6.70\(abtd.0\)
zyxel	nwa220ax-6e_firmware	𝑥 < 6.70\(acco.0\)
zyxel	nwa50ax_firmware	𝑥 < 6.80\(abyw.0\)
zyxel	nwa50ax-pro_firmware	𝑥 < 6.80\(acge.0\)
zyxel	nwa55axe_firmware	𝑥 < 6.80\(abzl.0\)
zyxel	nwa90ax_firmware	𝑥 < 6.80\(accv.0\)
zyxel	nwa90ax-pro_firmware	𝑥 < 6.80\(acgf.0\)
zyxel	wac500_firmware	𝑥 < 6.70\(abvs.0\)
zyxel	wac500h_firmware	𝑥 < 6.70\(abwa.0\)
zyxel	wax510d_firmware	𝑥 < 6.70\(abtf.0\)
zyxel	wax610d_firmware	𝑥 < 6.70\(abte.0\)
zyxel	wax620d-6e_firmware	𝑥 < 6.70\(accn.0\)
zyxel	wax630s_firmware	𝑥 < 6.70\(abzd.0\)
zyxel	wax640s-6e_firmware	𝑥 < 6.70\(accm.0\)
zyxel	wax650s_firmware	𝑥 < 6.70\(abrm.0\)
zyxel	wax655e_firmware	𝑥 < 6.70\(acdo.0\)
zyxel	wbe660s_firmware	𝑥 < 6.70\(acgg.0\)

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-269 - Improper Privilege Management
The software does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

References

https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps