Vulnerabilities > CVE-2018-9129 - Unspecified vulnerability in Zyxel products
Attack vector
NETWORK Attack complexity
HIGH Privileges required
NONE Confidentiality impact
NONE Integrity impact
HIGH Availability impact
NONE Summary
ZyXEL ZyWALL/USG series devices have a Bleichenbacher vulnerability in their Internet Key Exchange (IKE) handshake implementation used for IPsec based VPN connections.
Vulnerable Configurations
References
- ftp://ftp.zyxel.com/USG110/firmware/USG110_4.32%28AAPH.0%29C0_2.pdf
- ftp://ftp.zyxel.com/USG110/firmware/USG110_4.32%28AAPH.0%29C0_2.pdf
- https://web-in-security.blogspot.com/2018/08/practical-bleichenbacher-attacks-on-ipsec-ike.html
- https://web-in-security.blogspot.com/2018/08/practical-bleichenbacher-attacks-on-ipsec-ike.html
- https://www.zyxel.com/support/bleichenbacher_attack_vulnerability.shtml
- https://www.zyxel.com/support/bleichenbacher_attack_vulnerability.shtml