CVE-2018-9129

Published: Aug 15, 2018Modified: Nov 21, 2024

5.9

Vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

Exploitability: 2.2 / Impact: 3.6

Source: NVD

Description

ZyXEL ZyWALL/USG series devices have a Bleichenbacher vulnerability in their Internet Key Exchange (IKE) handshake implementation used for IPsec based VPN connections.

Affected (17)

Products: Zyxel: Zywall 110 Firmware, Zywall 1100 Firmware, Zywall 310 Firmware, Zywall Vpn 50 Firmware, Zywall Vpn 100 Firmware, Zywall Vpn 300 Firmware, Usg 20w Firmware, Usg 40 Firmware, Usg 40w Firmware, Usg 60 Firmware, Usg 60w Firmware, Usg 110 Firmware, Usg 2200 Vpn Firmware, Usg 310 Firmware, Usg 1100 Firmware, Usg 1900 Firmware, Usg 20w Vpn Firmware

17 products

Zywall Vpn 50 Firmware

Zywall Vpn 100 Firmware

Zywall Vpn 300 Firmware

Usg 2200 Vpn Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Zywall 110 Firmware	All versions

Running on/with	Platform Versions
Zyxel Zywall 110	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Zywall 1100 Firmware	All versions

Running on/with	Platform Versions
Zyxel Zywall 1100	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Zywall 310 Firmware	All versions

Running on/with	Platform Versions
Zyxel Zywall 310	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Zywall Vpn 50 Firmware	All versions

Running on/with	Platform Versions
Zyxel Zywall Vpn 50	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Zywall Vpn 100 Firmware	All versions

Running on/with	Platform Versions
Zyxel Zywall Vpn 100	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Zywall Vpn 300 Firmware	All versions

Running on/with	Platform Versions
Zyxel Zywall Vpn 300	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Usg 20w Firmware	All versions

Running on/with	Platform Versions
Zyxel Usg 20w	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Usg 40 Firmware	All versions

Running on/with	Platform Versions
Zyxel Usg 40	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Usg 40w Firmware	All versions

Running on/with	Platform Versions
Zyxel Usg 40w	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Usg 60 Firmware	All versions

Running on/with	Platform Versions
Zyxel Usg 60	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Usg 60w Firmware	All versions

Running on/with	Platform Versions
Zyxel Usg 60w	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Usg 110 Firmware	All versions

Running on/with	Platform Versions
Zyxel Usg 110	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Usg 2200 Vpn Firmware	All versions

Running on/with	Platform Versions
Zyxel Usg 2200 Vpn	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Usg 310 Firmware	All versions

Running on/with	Platform Versions
Zyxel Usg 310	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Usg 1100 Firmware	All versions

Running on/with	Platform Versions
Zyxel Usg 1100	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Usg 1900 Firmware	All versions

Running on/with	Platform Versions
Zyxel Usg 1900	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Zyxel Usg 20w Vpn Firmware	All versions

Running on/with	Platform Versions
Zyxel Usg 20w Vpn	All versions

References (6)

ftp://ftp.zyxel.com/USG110/firmware/USG110_4.32%28AAPH.0%29C0_2.pdf (unsafe URL)

Source: cve@mitre.org

https://web-in-security.blogspot.com/2018/08/practical-bleichenbacher-attacks-on-ipsec-ike.html

Source: cve@mitre.org

Third Party Advisory

https://www.zyxel.com/support/bleichenbacher_attack_vulnerability.shtml

Source: cve@mitre.org

PatchVendor Advisory

ftp://ftp.zyxel.com/USG110/firmware/USG110_4.32%28AAPH.0%29C0_2.pdf (unsafe URL)

Source: af854a3a-2127-422b-91ae-364da2661108

https://web-in-security.blogspot.com/2018/08/practical-bleichenbacher-attacks-on-ipsec-ike.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://www.zyxel.com/support/bleichenbacher_attack_vulnerability.shtml

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.