Published: 15/08/2018 Updated: 07/11/2023

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 5.9 | Impact Score: 3.6 | Exploitability Score: 2.2

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

ZyXEL ZyWALL/USG series devices have a Bleichenbacher vulnerability in their Internet Key Exchange (IKE) handshake implementation used for IPsec based VPN connections.

Vulnerable Product	Search on Vulmon	Subscribe to Product
zyxel zywall_110_firmware -
zyxel zywall_1100_firmware -
zyxel zywall_310_firmware -
zyxel zywall_vpn_50_firmware -
zyxel zywall_vpn_100_firmware -
zyxel zywall_vpn_300_firmware -
zyxel usg_20w_firmware -
zyxel usg_40_firmware -
zyxel usg_40w_firmware -
zyxel usg_60_firmware -
zyxel usg_60w_firmware -
zyxel usg_110_firmware -
zyxel usg_2200-vpn_firmware -
zyxel usg_310_firmware -
zyxel usg_1100_firmware -
zyxel usg_1900_firmware -
zyxel usg_20w-vpn_firmware -

Support for ageing key exchange crypto leaves VPNs open to attack

The Register • John Leyden • 15 Aug 2018

Ancient issue causing new ones IPv6 and 5G will make life hell for spooks and cops say Australia's spooks and cops

Security gaps have been identified in widely used implementations of the IPsec protocol, which is used in the set up of Virtual Private Networks (VPNs). The Internet Key Exchange protocol "IKEv1", which is part of the IPsec protocol family, has vulnerabilities that enable potential attackers to interfere with the communication process and snoop of supposedly encrypted traffic. IKEv1 was superseded by IKEv2 years ago the obsolete protocol is still widely used and supported - even by newer devices...

CVE-2018-9129

Vulnerability Summary

Vulnerability Trend

Recent Articles

References

Vulmon Search

About

Products

Connect