ACTIVELY EXPLOITED3 sources verified·1 min read
By Lyrie Threat Intelligence·6/5/2023
CVE-2023-33010 added to CISA KEV: Zyxel Multiple Firewalls
Status: ✅ Confirmed exploited in the wild
Date added: 2023-06-05
Required action: Apply updates per vendor instructions.
Due date: 2023-06-26
Why this matters
Zyxel ATP, USG FLEX, USG FLEX 50(W), USG20(W)-VPN, VPN, and ZyWALL/USG firewalls contain a buffer overflow vulnerability in the ID processing function that could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and remote code execution on an affected device.
Sources
Lyrie Verdict
Lyrie's autonomous detection layer catches active exploitation primitives at machine speed — closing the gap between disclosure and weaponization that traditional defense simply can't cover.