Vulnerability Details CVE-2023-28768
Improper frame handling in the Zyxel XGS2220-30 firmware version V4.80(ABXN.1), XMG1930-30 firmware version V4.80(ACAR.1), and XS1930-10 firmware version V4.80(ABQE.1) could allow an unauthenticated LAN-based attacker to cause denial-of-service (DoS) conditions by sending crafted frames to an affected switch.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 30.6%
CVSS Severity
CVSS v3 Score 6.5
References
- https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-dos-vulnerability-of-xgs2220-xmg1930-and-xs1930-series-switches
- https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-dos-vulnerability-of-xgs2220-xmg1930-and-xs1930-series-switches
Products affected by CVE-2023-28768
-
cpe:2.3:h:zyxel:xgs2220-30:-
-
cpe:2.3:h:zyxel:xgs2220-30f:-
-
cpe:2.3:h:zyxel:xgs2220-30hp:-
-
cpe:2.3:h:zyxel:xgs2220-54:-
-
cpe:2.3:h:zyxel:xgs2220-54fp:-
-
cpe:2.3:h:zyxel:xgs2220-54hp:-
-
cpe:2.3:h:zyxel:xmg1930-30:-
-
cpe:2.3:h:zyxel:xmg1930-30hp:-
-
cpe:2.3:h:zyxel:xs1930-10:-
-
cpe:2.3:h:zyxel:xs1930-12f:-
-
cpe:2.3:h:zyxel:xs1930-12hp:-
-
cpe:2.3:o:zyxel:xgs2220-30_firmware:4.80(abxn.1)
-
cpe:2.3:o:zyxel:xgs2220-30f_firmware:4.80(abye.1)
-
cpe:2.3:o:zyxel:xgs2220-30hp_firmware:4.80(abxo.1)
-
cpe:2.3:o:zyxel:xgs2220-54_firmware:4.80(abxp.1)
-
cpe:2.3:o:zyxel:xgs2220-54fp_firmware:4.80(acce.1)
-
cpe:2.3:o:zyxel:xgs2220-54hp_firmware:4.80(abxq.1)
-
cpe:2.3:o:zyxel:xmg1930-30_firmware:4.80(acar.1)
-
cpe:2.3:o:zyxel:xmg1930-30hp_firmware:4.80(acas.1)
-
cpe:2.3:o:zyxel:xs1930-10_firmware:4.80(abqe.1)
-
cpe:2.3:o:zyxel:xs1930-12f_firmware:4.80(abzv.1)
-
cpe:2.3:o:zyxel:xs1930-12hp_firmware:4.80(abqf.1)