Skip to main content

Security researchers from TRAPA Security and STAR Labs SG have disclosed two new critical buffer overflow vulnerabilities in Zyxel Firewall and VPN products. These vulnerabilities, tracked under the CVE IDs CVE-2023-33009 and CVE-2023-33010, are categorized as Critical in severity. They enable attackers to carry out Denial of Service and Remote Code Execution attacks on the affected Zyxel products. Given the severity of these flaws, it is crucial for users of Zyxel’s Firewall and VPN products to address these vulnerabilities promptly. In this post, we will provide a summary of the two buffer overflow vulnerabilities found in Zyxel products, list the affected products, and, most importantly, explain how to fix these two vulnerabilities: CVE-2023-33009 and CVE-2023-33010.

A Short Introduction About Zyxel and Its Products

Zyxel Communications Corp. is a company that specializes in manufacturing networking devices. Founded in 1989 in Taiwan, Zyxel has become a leading provider of complete broadband access solutions for service providers, as well as businesses and home users.

The company produces a wide range of products in the networking field. Here are some of the main categories of Zyxel products:

  1. Network Switches: Zyxel offers a variety of switches, including managed and unmanaged, as well as PoE (Power over Ethernet) switches. These switches can be used in various settings, from small home networks to large enterprise systems.
  2. Routers: Zyxel produces a range of routers for both home and business use. This includes VPN routers, wireless routers, and routers with integrated modems.
  3. Wireless Access Points: Zyxel provides a range of wireless solutions, including access points for businesses of all sizes. They also offer solutions for public WiFi networks and home use.
  4. Network Security Appliances: Zyxel has a line of network security products, including unified security gateways and next-generation firewalls. These products offer advanced security features to protect against cyber threats.
  5. Network Storage: Zyxel also offers network storage solutions, including Network Attached Storage (NAS) devices. These devices can be used for data backup, file sharing, and other network storage needs.

Summary of Buffer Overflow Vulnerabilities in Zyxel Products

Here are the vulnerabilities found in Zyxel products.


  • Vendor: Zyxel
  • Vulnerability Type: Buffer Overflow Vulnerability
  • Base Score: 9.8 Critical
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

This is a Buffer Overflow vulnerability lice in ID Processing Functionof Zyxel Firewalls. A specific group of firewall versions has been found to contain a buffer overflow vulnerability within the notification function. If left unpatched, this security flaw could enable unauthenticated attackers to exploit the vulnerability, leading to potential DoS conditions and even remote code execution on affected devices.


  • Vendor: Zyxel
  • Vulnerability Type: Buffer Overflow Vulnerability
  • Base Score: 9.8 Critical
  • Vector:CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

This is a Buffer Overflow vulnerability lice in notification function of Zyxel Firewalls. Another vulnerability affecting certain firewall versions has been discovered in the ID processing function. Similar to the previous vulnerability, unauthenticated attackers can leverage this buffer overflow vulnerability to cause DoS conditions and potentially execute remote code on vulnerable devices.

See Also How To Fix CVE-2022-31042(3)- High Severity Sensitive Information Discloser Vulnerabilities In Drupal

Zyxel Products Affected By These Flaws:

As per the security advisory published by Zyxel, multiple products and versions are affected by these vulnerabilities.

Affected seriesAffected version
ATPZLD V4.32 to V5.36 Patch 1
USG FLEXZLD V4.50 to V5.36 Patch 1
USG FLEX50(W) / USG20(W)-VPNZLD V4.25 to V5.36 Patch 1
VPNZLD V4.30 to V5.36 Patch 1
ZyWALL/USGZLD V4.25 to V4.73 Patch 1

How to Fix CVE-2023-33009 and CVE-2023-33010?

In a continuous effort to enhance cybersecurity, Zyxel has taken swift action to address multiple buffer overflow vulnerabilities affecting their firewalls. These vulnerabilities pose significant risks, including the potential for denial-of-service (DoS) attacks and remote code execution. To ensure the optimal protection of your network, it is imperative to promptly install the provided patches.

The table below provides an overview of the affected series, their corresponding affected versions, and the availability of patches to mitigate the vulnerabilities:

Affected SeriesAffected VersionPatch Availability
ATPZLD V4.32 to V5.36 Patch 1ZLD V5.36 Patch 2
USG FLEXZLD V4.50 to V5.36 Patch 1ZLD V5.36 Patch 2
USG FLEX50(W) / USG20(W)-VPNZLD V4.25 to V5.36 Patch 1ZLD V5.36 Patch 2
VPNZLD V4.30 to V5.36 Patch 1ZLD V5.36 Patch 2
ZyWALL/USGZLD V4.25 to V4.73 Patch 1ZLD V4.73 Patch 2

It is crucial for users with firewalls from the aforementioned affected series and versions to take immediate action. By installing the provided patches, you can fix the CVE-2023-33009 and CVE-2023-33010 vulnerabilities and strengthen the security of your network.

Bottom Line

Ensuring the security and resilience of your network is of paramount importance. Zyxel has released patches to address buffer overflow vulnerabilities in Zyxel products, potentially resulting in DoS conditions and remote code execution. By installing the available patches for the affected series and versions, you can safeguard your network from potential exploitation by unauthenticated attackers.

Leave a Reply