CVE-2023-5960

Summary

An improper privilege management vulnerability in the hotspot feature of the Zyxel USG FLEX series firmware versions 4.50 through 5.37 and VPN series firmware versions 4.30 through 5.37 could allow an authenticated local attacker to access the system files on an affected device.

Affected Software

VendorProductVersion RangeStatus
ZyxelUSG FLEX series firmwareversions 4.50 through 5.37affected
ZyxelVPN series firmwareversions 4.30 through 5.37affected

Weaknesses

  • CWE-269: CWE-269 Improper Privilege Management

ADP Enrichment

CVE Program Container

Additional References

References