Vulnerabilities > CVE-2022-0823 - Unspecified vulnerability in Zyxel products

CVSS 6.2 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

local

low complexity

zyxel

NVD

Published: 2022-06-09

Updated: 2023-06-27

Summary

An improper control of interaction frequency vulnerability in Zyxel GS1200 series switches could allow a local attacker to guess the password by using a timing side-channel attack.

Vulnerable Configurations

Part	Description	Count
OS	Zyxel Zyxel Gs1200 5 Firmware - Zyxel Gs1200 5HP Firmware - Zyxel Gs1200 8 Firmware - Zyxel Gs1200 8HP Firmware -	4
Hardware	Zyxel Zyxel Gs1200 5 - Zyxel Gs1200 5HP - Zyxel Gs1200 8 - Zyxel Gs1200 8HP -	4

References

https://www.zyxel.com/support/Zyxel-security-advisory-for-password-guessing-vulnerability-of-GS1200-series-switches.shtml