CVE-2023-33009

CRITICAL KEV

Zyxel ATP/USG FLEX/USG20/VPN/ZyWALL Firmware 4.60-5.36 - Unauthenticated Buffer Overflow


Exploitation Summary

CVE-2023-33009 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added June 5, 2023.

Description

A buffer overflow vulnerability in the notification function in Zyxel ATP series firmware versions 4.60 through 5.36 Patch 1, USG FLEX series firmware versions 4.60 through 5.36 Patch 1, USG FLEX 50(W) firmware versions 4.60 through 5.36 Patch 1, USG20(W)-VPN firmware versions 4.60 through 5.36 Patch 1, VPN series firmware versions 4.60 through 5.36 Patch 1, and ZyWALL/USG series firmware versions 4.60 through 4.73 Patch 1 could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and potentially achieve remote code execution on an affected device.

Scores

CVSS v3 9.8
EPSS 0.0558
EPSS Percentile 90.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation active
Automatable yes
Technical Impact total

Details

CISA KEV 2023-06-05
VulnCheck KEV 2023-06-05
InTheWild.io 2023-06-05
ENISA EUVD EUVD-2023-37198
CWE
CWE-120
Status published
Products (33)
zyxel/atp100_firmware 5.36 (2 CPE variants)
zyxel/atp100_firmware 4.60 - 5.36
zyxel/atp100w_firmware 5.36 (2 CPE variants)
zyxel/atp100w_firmware 4.60 - 5.36
zyxel/atp200_firmware 5.36 (2 CPE variants)
zyxel/atp200_firmware 4.60 - 5.36
zyxel/atp500_firmware 5.36 (2 CPE variants)
zyxel/atp500_firmware 4.60 - 5.36
zyxel/atp700_firmware 5.36 (2 CPE variants)
zyxel/atp700_firmware 4.60 - 5.36
... and 23 more
Published May 24, 2023
KEV Added Jun 05, 2023
Tracked Since Feb 18, 2026