CVE-2023-28768

CVSS V2 None CVSS V3 None
Description
Improper frame handling in the Zyxel XGS2220-30 firmware version V4.80(ABXN.1), XMG1930-30 firmware version V4.80(ACAR.1), and XS1930-10 firmware version V4.80(ABQE.1) could allow an unauthenticated LAN-based attacker to cause denial-of-service (DoS) conditions by sending crafted frames to an affected switch.
Overview
  • CVE ID
  • CVE-2023-28768
  • Assigner
  • security@zyxel.com.tw
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2023-08-14T17:15:10
  • Last Modified Date
  • 2023-08-21T16:07:05
Weakness Enumerations
CWE URL
CWE-755 http://cwe.mitre.org/data/definitions/755.html
CWE-755 http://cwe.mitre.org/data/definitions/755.html
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
AND
cpe:2.3:o:zyxel:xgs2220-30_firmware:4.80\(abxn.1\):*:*:*:*:*:*:* 1 OR
cpe:2.3:h:zyxel:xgs2220-30:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:zyxel:xgs2220-30f_firmware:4.80\(abye.1\):*:*:*:*:*:*:* 1 OR
cpe:2.3:h:zyxel:xgs2220-30f:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:zyxel:xgs2220-30hp_firmware:4.80\(abxo.1\):*:*:*:*:*:*:* 1 OR
cpe:2.3:h:zyxel:xgs2220-30hp:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:zyxel:xgs2220-54_firmware:4.80\(abxp.1\):*:*:*:*:*:*:* 1 OR
cpe:2.3:h:zyxel:xgs2220-54:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:zyxel:xgs2220-54fp_firmware:4.80\(acce.1\):*:*:*:*:*:*:* 1 OR
cpe:2.3:h:zyxel:xgs2220-54fp:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:zyxel:xgs2220-54hp_firmware:4.80\(abxq.1\):*:*:*:*:*:*:* 1 OR
cpe:2.3:h:zyxel:xgs2220-54hp:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:zyxel:xmg1930-30_firmware:4.80\(acar.1\):*:*:*:*:*:*:* 1 OR
cpe:2.3:h:zyxel:xmg1930-30:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:zyxel:xmg1930-30hp_firmware:4.80\(acas.1\):*:*:*:*:*:*:* 1 OR
cpe:2.3:h:zyxel:xmg1930-30hp:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:zyxel:xs1930-10_firmware:4.80\(abqe.1\):*:*:*:*:*:*:* 1 OR
cpe:2.3:h:zyxel:xs1930-10:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:zyxel:xs1930-12f_firmware:4.80\(abzv.1\):*:*:*:*:*:*:* 1 OR
cpe:2.3:h:zyxel:xs1930-12f:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:zyxel:xs1930-12hp_firmware:4.80\(abqf.1\):*:*:*:*:*:*:* 1 OR
cpe:2.3:h:zyxel:xs1930-12hp:-:*:*:*:*:*:*:* 0 OR
References
Reference URL Reference Tags
https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-dos-vulnerability-of-xgs2220-xmg1930-and-xs1930-series-switches Patch Vendor Advisory
Sources
Source Name Source URL
NIST https://nvd.nist.gov/vuln/detail/CVE-2023-28768
MITRE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28768
History
Created Old Value New Value Data Type Notes
2023-09-06 03:42:21 Added to TrackCVE
2023-09-06 03:42:24 Weakness Enumeration new