Zyxel security advisory for privilege escalation vulnerability in GS1900 series switches
CVE: CVE-2022-45853
Summary
Zyxel has released patches for GS1900 series switches affected by a privilege escalation vulnerability. Users are advised to install them for optimal protection.
What is the vulnerability?
The privilege escalation vulnerability in the Zyxel GS1900 series switches could allow a local authenticated attacker with administrator privileges to execute some system commands as the “root” user on a vulnerable device via SSH. Although SSH access is disabled by default, which would make a network immune from the attack, users are still recommended to upgrade to the latest firmware for optimal protection.
What versions are vulnerable—and what should you do?
After a thorough investigation, we’ve identified the vulnerable switches that are within their vulnerability support period and released patches to address the vulnerability, as shown in the table below.
| Affected model | Affected version | Patch availability |
|---|---|---|
| GS1900-8 | V2.70(AAHH.3) | V2.70(AAHH.5) |
| GS1900-8HP | V2.70(AAHI.3) | V2.70(AAHI.5) |
| GS1900-10HP | V2.70(AAZI.3) | V2.70(AAZI.5) |
| GS1900-16 | V2.70(AAHJ.3) | V2.70(AAHJ.5) |
| GS1900-24 | V2.70(AAHL.3) | V2.70(AAHL.5) |
| GS1900-24E | V2.70(AAHK.3) | V2.70(AAHK.5) |
| GS1900-24EP | V2.70(ABTO.3) | V2.70(ABTO.5) |
| GS1900-24HPv2 | V2.70(ABTP.3) | V2.70(ABTP.5) |
| GS1900-48 | V2.70(AAHN.3) | V2.70(AAHN.5) |
| GS1900-48HPv2 | V2.70(ABTQ.3) | V2.70(ABTQ.5) |
Got a question?
Please contact your local service rep or visit Zyxel’s Community for further information or assistance.
Acknowledgment
Thanks to Justin Aarden for reporting the issue to us.
Revision history
2023-6-6: Initial release.