Memory Buffer Vulnerability in Zyxel VMG8825-T50K Firmware Could Lead to Thread Crash and Memory Corruption
CVE-2024-38268

4.9MEDIUM

Key Information:

Vendor: Zyxel
Status: Vmg8825-t50k Firmware
Vendor: CVE Published:; 24 September 2024

What is CVE-2024-38268?

An improper restriction of operations within the bounds of a memory buffer in the MAC address parser of the Zyxel VMG8825-T50K firmware versions through 5.50(ABOM.8)C0 could allow an authenticated attacker with administrator privileges to cause potential memory corruptions, resulting in a thread crash on an affected device.

Affected Version(s)

VMG8825-T50K firmware <= 5.50(ABOM.8)C0

References

https://www.zyxel.com/global/en/support/security-advisori...

vendor-advisory

CVSS V3.1

Score:

4.9

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 24, 2024
Vulnerability Reserved
Jun 12, 2024