Zyxel Multiple Firewall Vulnerabilities

Description

What is Zyxel Networks? The Zyxel Networks is one of the leading providers of broadband networking solution for small and home offices.
What is the Attack? The attack is to exploit an OS command injection vulnerability which can lead to execute arbitrary commands.
Why is this Significant? There are thousands of devices worldwide that potentially are vulnerable to this attack. CISA has already added the vulnerabilities on its Known Exploited Vulnerabilities (KEV) catalog due to active exploitation in the wild. Also, the PoC vulnerability has been made publicly.
What is the Vendor Solution? The vendor has provided patches to address the vulnerabilities.
What FortiGuard Coverage is Available? FortiGuard Labs is currently investigating coverage for CVE-2023-28771, CVE-2023-33009, CVE-2023-33010.