Rewterz Threat Advisory – CVE-2023-28768 – Zyxel XGS2220-30 Vulnerability

Rewterz Threat Advisory – CVE-2023-2122 – WordPress Image Optimizer by 10web Plugin Vulnerability

August 18, 2023

Rewterz Threat Alert – JanelaRAT: Modified Variant of BX Rat Targeting Financial Institutions in LATAM – Active IOCs

August 18, 2023

Rewterz Threat Advisory – CVE-2023-28768 – Zyxel XGS2220-30 Vulnerability

Severity

Medium

Analysis Summary

CVE-2023-28768

Zyxel XGS2220-30 is vulnerable to a denial of service, caused by improper frame handling. By sending a specially crafted frames to an affected switch, a remote attacker could exploit this vulnerability to cause a denial of service.

Impact

Denial of Service

Indicators Of Compromise

CVE

CVE-2023-28768

Affected Vendors

Zyxel

Affected Products

Zyxel XGS2220-30 4.80(ABXN.1)
Zyxel XGS2220-30F 4.80(ABYE.1)
Zyxel XGS2220-30HP 4.80(ABXO.1)
Zyxel XGS2220-54 4.80(ABXP.1)
Zyxel XGS2220-54FP 4.80(ACCE.1)
Zyxel XGS2220-54HP 4.80(ABXQ.1)
Zyxel XMG1930-30 4.80(ACAR.1)
Zyxel XMG1930-30HP 4.80(ACAS.1)
Zyxel XS1930-10 4.80(ABQE.1)
Zyxel XS1930-12F 4.80(ABZV.1)
Zyxel XS1930-12HP 4.80(ABQF.1)

Remediation

Refer to Zyxel Web site for patch, upgrade or suggested workaround information.

Zyxel Web site

Rewterz Threat Advisory – CVE-2023-2122 – WordPress Image Optimizer by 10web Plugin Vulnerability

Rewterz Threat Alert – JanelaRAT: Modified Variant of BX Rat Targeting Financial Institutions in LATAM – Active IOCs

Rewterz Threat Advisory – CVE-2023-28768 – Zyxel XGS2220-30 Vulnerability

Severity

Analysis Summary

Impact

Indicators Of Compromise

CVE

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan