Actively exploited in the wild
Zyxel Multiple Firewalls Buffer Overflow Vulnerability
Zyxel — Multiple Firewalls · Listed in the CISA KEV since 2023-06-05. This indicates confirmed attacks in production environments.
Required action: Apply updates per vendor instructions.
CVE-2023-33009
Critical · CVSS 9.8 · KEV
Exploitation Probability (EPSS): Very high risk, 98th percentile (higher than 98% of all known CVEs)
Summary
CVE-2023-33009 describes a buffer overflow vulnerability in the notification function in the firmware of Zyxel ATP series, USG FLEX series, USG20(W)-VPN, VPN series, and ZyWALL/USG series. This could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and even remote code execution on an affected device.
Risk Assessment
The risk to the organization includes the potential for remote code execution and denial-of-service, which could lead to significant disruptions in system operations.
Recommendation
It is recommended to update the firmware to the latest version to mitigate this vulnerability and to monitor systems for unauthorized activities.
Original NVD description (English source)
A buffer overflow vulnerability in the notification function in Zyxel ATP series firmware versions 4.60 through 5.36 Patch 1, USG FLEX series firmware versions 4.60 through 5.36 Patch 1, USG FLEX 50(W) firmware versions 4.60 through 5.36 Patch 1, USG20(W)-VPN firmware versions 4.60 through 5.36 Patch 1, VPN series firmware versions 4.60 through 5.36 Patch 1, ZyWALL/USG series firmware versions 4.60 through 4.73 Patch 1, could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and even a remote code execution on an affected device.

