ACTIVELY EXPLOITED3 sources verified·1 min read
By Lyrie Threat Intelligence·5/31/2023
CVE-2023-28771 added to CISA KEV: Zyxel Multiple Firewalls
Status: ✅ Confirmed exploited in the wild
Date added: 2023-05-31
Required action: Apply updates per vendor instructions.
Due date: 2023-06-21
Why this matters
Zyxel ATP, USG FLEX, VPN, and ZyWALL/USG firewalls allow for improper error message handling which could allow an unauthenticated attacker to execute OS commands remotely by sending crafted packets to an affected device.
Sources
Lyrie Verdict
Lyrie's autonomous detection layer catches active exploitation primitives at machine speed — closing the gap between disclosure and weaponization that traditional defense simply can't cover.