Two More Critical Vulnerabilities Found in Zyxel Firewalls and VPN Devices
Two critical vulnerabilities, CVE-2023-33009 and CVE-2023-33010, have been found in Zyxel firewalls and VPN devices. Both vulnerabilities received critical CVSS scores of 9.8 and could lead to remote code execution and denial-of-service attacks on affected devices. Zyxel is urging customers to apply the latest security updates as soon as possible. In addition, a similar critical vulnerability, CVE-2023-28771, is now being actively exploited in widespread attacks. Users are advised to urgently update any vulnerable devices to protect their systems. Zyxel has also issued a security advisory with more information on how to mitigate the risk and better protect ZyWALL devices. CVEs: CVE-2023-28771, CVE-2023-33009, CVE-2023-33010 [View Article](https://www.lansweeper.com/vulnerability/two-more-critical-vulnerabilities-found-in-zyxel-firewalls-and-vpn-devices/)