Guard against “Misfortune Cookie” vulnerability
New vulnerability allowing remote manipulation of CPE, and Zyxel’s solution
A vulnerability that lets a remote attacker take administrative control of customer premises equipment (CPE) was disclosed in December 2014. CVE-2014-9222* and CVE-2014-9223*, together known as the “Misfortune Cookie” vulnerability, lie in the Allegro RomPager embedded web server that many residential CPE firmware images use for their management interface. Because the gateway sits between the Internet and the home or office network, a compromised CPE exposes every device behind it to further attacks such as data theft or malware infection.
Zyxel is aware of the vulnerability and assures customers that only a limited number of the Zyxel models named in the disclosure are affected; for those, patched firmware is released on the dates shown in the table below. Of the models named, several have already received a protective firmware update, while the great majority are end-of-life.
Below is a list of current Zyxel models on the market, showing whether each is affected by the newly disclosed vulnerability. We recommend that customers update product firmware to the latest version as a measure for maximum protection against Internet-borne intrusions and attacks. Until a device is patched, exposure can be reduced by not exposing its web management interface to the WAN and by allowing remote management only from the LAN or from trusted addresses, since both CVEs are reached through that HTTP service.
*CVE-2014-9222 is an authentication-bypass vulnerability: an unauthenticated remote user can gain administrative privileges by sending a crafted cookie that triggers memory corruption in the web server.
*CVE-2014-9223 is a buffer-overflow vulnerability: an unauthenticated remote user can cause a denial of service by sending a crafted request to the web server.
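A practical way to screen a fleet for the two CVEs above without touching the vulnerable code path is to read the HTTP Server banner of each device's management interface. The script below is an added example, not code from Zyxel or from the original advisory. It assumes, as a fact about the bug rather than anything stated on this page, that the affected component is the Allegro RomPager embedded web server and that RomPager 4.34 is the first release carrying the fix; the hostnames, labels and sample responses are constructed for illustration. Nothing here sends a crafted cookie; it only parses the banner and compares versions.

```python
"""Passive screening for Misfortune Cookie exposure via the HTTP Server banner.

Added example, not Zyxel's code. Assumption (not stated on the advisory page):
the vulnerable component is Allegro RomPager and 4.34 is the first fixed build.
"""
import re
import socket
from typing import Dict, Iterable, Optional, Tuple

# Assumption: RomPager builds below this version are unpatched for
# CVE-2014-9222 / CVE-2014-9223.
FIXED_VERSION: Tuple[int, int] = (4, 34)

# Matches a "Server: RomPager/4.07 UPnP/1.0" style header at the start of a line.
_SERVER_RE = re.compile(rb"^Server:[ \t]*RomPager/(\d+)\.(\d+)",
                        re.IGNORECASE | re.MULTILINE)


def rompager_version(raw_response: bytes) -> Optional[Tuple[int, int]]:
    """Return (major, minor) from the Server header, or None if not RomPager."""
    head = raw_response.split(b"\r\n\r\n", 1)[0]   # headers only, never the body
    m = _SERVER_RE.search(head)
    if m is None:
        return None
    return int(m.group(1)), int(m.group(2))


def is_exposed(raw_response: bytes) -> bool:
    """True when the banner advertises a RomPager build older than the fixed one."""
    version = rompager_version(raw_response)
    return version is not None and version < FIXED_VERSION


def fetch_banner(host: str, port: int = 80, timeout: float = 3.0) -> bytes:
    """Issue one HEAD request and return the raw response headers (does network I/O).

    Run it from the WAN side to learn whether the interface is reachable from
    the Internet at all; a LAN-only interface is a lower-priority finding.
    """
    request = f"HEAD / HTTP/1.0\r\nHost: {host}\r\nConnection: close\r\n\r\n".encode("ascii")
    chunks = []
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(request)
        while True:
            data = s.recv(4096)
            if not data:
                break
            chunks.append(data)
            if b"\r\n\r\n" in b"".join(chunks):   # stop once the header block is complete
                break
    return b"".join(chunks)


def triage(responses: Iterable[Tuple[str, bytes]]) -> Dict[str, str]:
    """Classify each (label, raw_response) pair for an inventory report."""
    verdicts: Dict[str, str] = {}
    for label, raw in responses:
        version = rompager_version(raw)
        if version is None:
            verdicts[label] = "NOT_ROMPAGER"
        elif version < FIXED_VERSION:
            verdicts[label] = "EXPOSED (RomPager %d.%02d)" % version
        else:
            verdicts[label] = "PATCHED_BANNER (RomPager %d.%02d)" % version
    return verdicts


# Constructed sample responses (not captured from real devices).
SAMPLE_UNPATCHED = (
    b"HTTP/1.0 401 Unauthorized\r\n"
    b"Server: RomPager/4.07 UPnP/1.0\r\n"
    b"WWW-Authenticate: Basic realm=\"DSL Router\"\r\n"
    b"Content-Type: text/html\r\n\r\n"
)
SAMPLE_FIXED = (
    b"HTTP/1.0 401 Unauthorized\r\n"
    b"Server: RomPager/4.51 UPnP/1.0\r\n\r\n"
)
SAMPLE_OTHER = (
    b"HTTP/1.1 200 OK\r\n"
    b"Server: micro_httpd\r\n"
    b"Content-Type: text/html\r\n\r\n<html>Server: RomPager/4.07</html>"
)

if __name__ == "__main__":
    inventory = [("cpe-a", SAMPLE_UNPATCHED), ("cpe-b", SAMPLE_FIXED), ("cpe-c", SAMPLE_OTHER)]
    for label, verdict in triage(inventory).items():
        print(f"{label}: {verdict}")
```

Treat the result as a screening signal, not proof: a device that hides or rewrites its banner is not thereby patched, and a device whose banner reports an old build but whose management port is unreachable from the WAN is not remotely exploitable by this path. Confirm each flagged model against the firmware dates in the tables below.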
On-market products
Product | Model Name | CVE-2014-9222 Affected | CVE-2014-9223 Affected | Patched Firmware Release Date (YYYY/MM/DD) |
---|---|---|---|---|
COE | IES1248-51 | Yes | Yes | 2015/01/13 |
DSL CPE | P-660R-T1/T3 v3s | No | Yes | 2015/03/31 |
DSL CPE | P-660RU-T1/T3 v3s | No | Yes | 2015/03/31 |
DSL CPE | P-660HN-T1/T3A | No | Yes | 2015/03/31 |
DSL CPE | P-660HN-T1A v2 | No | Yes | 2015/03/31 |
DSL CPE | AMG1202-T10A | No | Yes | 2015/03/31 |
DSL CPE | AMG1202-T10B | No | Yes | 2015/01/30 |
DSL CPE | AMG1302-T10A | No | Yes | 2015/03/31 |
DSL CPE | AMG1302-T10B | No | Yes | 2015/01/30 |
DSL CPE | AMG1312-T10B | No | Yes | 2015/01/30 |
End-of-life products
*Please contact your local sales/service representatives if you require any assistance.
Product | Model Name | Status |
---|---|---|
Modem | OMNI ADSL LAN EE (Annex A) | End-of-life |
Gateway/Router | P202H DSS1 | End-of-life |
Gateway/Router | P653HWI-11 | End-of-life |
Gateway/Router | P653HWI-13 | End-of-life |
Gateway/Router | P-660H-T1 v3s | End-of-life |
Gateway/Router | P-660R-T1 | End-of-life |
Gateway/Router | P-660R-T1 v3 | End-of-life |
Gateway/Router | P-660R-T3 v3 | End-of-life |
Gateway/Router | P-660RU-T1 | End-of-life |
Gateway/Router | P-660RU-T1 v3 | End-of-life |
Gateway/Router | Prestige 623ME-T1 | End-of-life |
Gateway/Router | Prestige 623ME-T3 | End-of-life |
Gateway/Router | Prestige 623R-A1 | End-of-life |
Gateway/Router | Prestige 623R-T1 | End-of-life |
Gateway/Router | Prestige 623R-T3 | End-of-life |
Gateway/Router | Prestige 645 | End-of-life |
Gateway/Router | Prestige 645R-A1 | End-of-life |
Gateway/Router | Prestige 650 | End-of-life |
Gateway/Router | Prestige 650H/HW-31 | End-of-life |
Gateway/Router | Prestige 650H/HW-33 | End-of-life |
Gateway/Router | Prestige 650H-17 | End-of-life |
Gateway/Router | Prestige 650H-E1 | End-of-life |
Gateway/Router | Prestige 650H-E3 | End-of-life |
Gateway/Router | Prestige 650H-E7 | End-of-life |
Gateway/Router | Prestige 650HW-11 | End-of-life |
Gateway/Router | Prestige 650HW-13 | End-of-life |
Gateway/Router | Prestige 650HW-31 | End-of-life |
Gateway/Router | Prestige 650HW-33 | End-of-life |
Gateway/Router | Prestige 650HW-37 | End-of-life |
Gateway/Router | Prestige 650R-11 | End-of-life |
Gateway/Router | Prestige 650R-13 | End-of-life |
Gateway/Router | Prestige 650R-31 | End-of-life |
Gateway/Router | Prestige 650R-33 | End-of-life |
Gateway/Router | Prestige 650R-E1 | End-of-life |
Gateway/Router | Prestige 650R-E3 | End-of-life |
Gateway/Router | Prestige 650R-T3 | End-of-life |
Gateway/Router | Prestige 652H/HW-31 | End-of-life |
Gateway/Router | Prestige 652H/HW-33 | End-of-life |
Gateway/Router | Prestige 652H/HW-37 | End-of-life |
Gateway/Router | Prestige 652R-11 | End-of-life |
Gateway/Router | Prestige 652R-13 | End-of-life |
Gateway/Router | Prestige 660H-61 | End-of-life |
Gateway/Router | Prestige 660HW-61 | End-of-life |
Gateway/Router | Prestige 660HW-67 | End-of-life |
Gateway/Router | Prestige 660R-61 | End-of-life |
Gateway/Router | Prestige 660R-61C | End-of-life |
Gateway/Router | Prestige 660R-63 | End-of-life |
Gateway/Router | Prestige 660R-63/67 | End-of-life |
Gateway/Router | Prestige 791R | End-of-life |
Gateway/Router | Prestige 792H | End-of-life |
Products wrongly attributed to Zyxel in the disclosure*
*The original vulnerability disclosure incorrectly listed the models below, which are made by other manufacturers, as Zyxel products. They are not Zyxel devices and are not covered by the firmware releases above.
Model Name |
---|
AAM6000EV/Z2 |
AAM6010EV |
AAM6010EV/Z2 |
AAM6010EV-Z2 |
AAM6020BI |
AAM6020BI-Z2 |
AAM6020VI/Z2 |