CVE-2023-6399

A format string vulnerability in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1, USG FLEX series firmware versions from 4.50 through 5.37 Patch 1, USG FLEX 50(W) series firmware versions from 4.16 through 5.37 Patch 1, USG20(W)-VPN series firmware versions from 4.16 through 5.37 Patch 1, and USG FLEX H series firmware versions from 1.10 through 1.10 Patch 1 could allow an authenticated IPSec VPN user to cause DoS conditions against the “deviceid” daemon by sending a crafted hostname to an affected device if it has the “Device Insight” feature enabled.

CVSS v3 5.7 MEDIUM

5.7^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.1 / Impact : 3.6

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps-02-20-2024

Configurations

No configuration.

History

No history.

Information

Published : 2024-02-20 02:15

Updated : 2024-02-21 10:15

NVD link : CVE-2023-6399

Mitre link : CVE-2023-6399

CVE.ORG link : CVE-2023-6399

JSON object : View

Products Affected

No product.

CWE

CWE-134

Use of Externally-Controlled Format String

{"id": "CVE-2023-6399", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "security@zyxel.com.tw", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.7, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.1}]}, "published": "2024-02-20T02:15:49.407", "references": [{"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps-02-20-2024", "source": "security@zyxel.com.tw"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Primary", "source": "security@zyxel.com.tw", "description": [{"lang": "en", "value": "CWE-134"}]}], "descriptions": [{"lang": "en", "value": "A format string vulnerability in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1, USG FLEX series firmware versions from 4.50 through 5.37 Patch 1, USG FLEX 50(W) series firmware versions from 4.16 through 5.37 Patch 1, USG20(W)-VPN series firmware versions from 4.16 through 5.37 Patch 1, and\u00a0USG FLEX H series firmware versions from 1.10 through 1.10 Patch 1 could allow an authenticated IPSec VPN user to cause DoS conditions against the \u201cdeviceid\u201d daemon by sending a crafted hostname to an affected device if it has the \u201cDevice Insight\u201d feature enabled."}, {"lang": "es", "value": "Una vulnerabilidad de cadena de formato en las versiones de firmware de la serie Zyxel ATP desde 4.32 hasta 5.37 Parche 1, versiones de firmware de la serie USG FLEX desde 4.50 hasta 5.37 Parche 1, versiones de firmware de la serie USG FLEX 50(W) desde 4.16 hasta 5.37 Parche 1 y USG20(W) -Las versiones de firmware de la serie VPN desde la 4.16 hasta la 5.37, parche 1, podr\u00edan permitir que un usuario de VPN IPSec autenticado provoque condiciones DoS contra el demonio \"deviceid\" enviando un nombre de host manipulado a un dispositivo afectado si tiene habilitada la funci\u00f3n \"Device Insight\"."}], "lastModified": "2024-02-21T10:15:42.900", "sourceIdentifier": "security@zyxel.com.tw"}