CVE-2023-4398
Description
An integer overflow vulnerability in the source code of the QuickSec IPSec toolkit used in the VPN feature of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, and VPN series firmware versions 4.30 through 5.37, could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions on an affected device by sending a crafted IKE packet.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
An integer overflow in the QuickSec IPSec toolkit allows a remote unauthenticated attacker to cause denial-of-service on Zyxel firewalls via a crafted IKE packet.
Vulnerability
An integer overflow vulnerability exists in the QuickSec IPSec toolkit used in the VPN feature of Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, and VPN series firmware versions 4.30 through 5.37 [1]. The flaw is triggered during processing of IKE packets.
Exploitation
An unauthenticated attacker can exploit this vulnerability remotely by sending a specially crafted IKE packet to the affected device [1]. No prior authentication is required, and no special network position is needed beyond network access to the VPN interface.
Impact
Successful exploitation causes denial-of-service (DoS) conditions on the targeted firewall, disrupting VPN and other services [1]. The vulnerability does not grant code execution or data access but renders the device inoperable until a manual reboot.
Mitigation
Zyxel released patches for all affected series in November 2023. Users should update to the latest firmware versions as specified in the vendor advisory [1]. No workarounds have been published.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Range: versions 4.32 through 5.37
- Range: versions 4.16 through 5.37
- Range: versions 4.16 through 5.37
- (no CPE) Range: versions 4.16 through 5.37
- (no CPE) Range: versions 4.50 through 5.37
- Range: versions 4.30 through 5.37
Patches
No patches discovered yet.