{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2018-08-13T00:00:00", "descriptions": [{"lang": "en", "value": "ZyXEL ZyWALL/USG series devices have a Bleichenbacher vulnerability in their Internet Key Exchange (IKE) handshake implementation used for IPsec based VPN connections."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-08-15T17:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://web-in-security.blogspot.com/2018/08/practical-bleichenbacher-attacks-on-ipsec-ike.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "ftp://ftp.zyxel.com/USG110/firmware/USG110_4.32%28AAPH.0%29C0_2.pdf"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://www.zyxel.com/support/bleichenbacher_attack_vulnerability.shtml"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-9129", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "ZyXEL ZyWALL/USG series devices have a Bleichenbacher vulnerability in their Internet Key Exchange (IKE) handshake implementation used for IPsec based VPN connections."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://web-in-security.blogspot.com/2018/08/practical-bleichenbacher-attacks-on-ipsec-ike.html", "refsource": "MISC", "url": "https://web-in-security.blogspot.com/2018/08/practical-bleichenbacher-attacks-on-ipsec-ike.html"}, {"name": "ftp://ftp.zyxel.com/USG110/firmware/USG110_4.32(AAPH.0)C0_2.pdf", "refsource": "CONFIRM", "url": "ftp://ftp.zyxel.com/USG110/firmware/USG110_4.32(AAPH.0)C0_2.pdf"}, {"name": "https://www.zyxel.com/support/bleichenbacher_attack_vulnerability.shtml", "refsource": "CONFIRM", "url": "https://www.zyxel.com/support/bleichenbacher_attack_vulnerability.shtml"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T07:17:51.409Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://web-in-security.blogspot.com/2018/08/practical-bleichenbacher-attacks-on-ipsec-ike.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "ftp://ftp.zyxel.com/USG110/firmware/USG110_4.32%28AAPH.0%29C0_2.pdf"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.zyxel.com/support/bleichenbacher_attack_vulnerability.shtml"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-9129", "datePublished": "2018-08-15T18:00:00", "dateReserved": "2018-03-30T00:00:00", "dateUpdated": "2024-08-05T07:17:51.409Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:zywall_110_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "FA1AC1BA-ECA9-40ED-8A76-92ECD7365B68", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:zywall_110:-:*:*:*:*:*:*:*", "matchCriteriaId": "145E41D9-E376-4B8E-A34F-F2C7ECFD649D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:zywall_1100_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "DFE70E63-C665-4B8E-A442-CF5BF0E8139A", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:zywall_1100:-:*:*:*:*:*:*:*", "matchCriteriaId": "BCE32A1C-A730-4893-BCB9-F753F8E65440", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:zywall_310_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "76DC263D-E9B1-4652-BD7C-329365DDAF95", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:zywall_310:-:*:*:*:*:*:*:*", "matchCriteriaId": "B40C703E-C7C0-4B49-A336-83853D3E8C31", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:zywall_vpn_50_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "E4D31C06-4E89-4F73-95F1-3FF1E515AB96", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:zywall_vpn_50:-:*:*:*:*:*:*:*", "matchCriteriaId": "FD872CA4-385D-49A9-B1DF-7C4467BD49AA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:zywall_vpn_100_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "A819B4B7-9095-4CFA-8A0F-F75809DD53DA", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:zywall_vpn_100:-:*:*:*:*:*:*:*", "matchCriteriaId": "B1B81DDA-DDD5-4D9B-B631-815186E3839F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:zywall_vpn_300_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "4AEB4AB0-53D6-4DE6-89DC-4BC8EFBF2F2D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:zywall_vpn_300:-:*:*:*:*:*:*:*", "matchCriteriaId": "212C5E8E-774A-446E-B7C7-80C349160BC2", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:usg_20w_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "F92919D0-F6FE-4011-9B1A-9D04A035D629", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:usg_20w:-:*:*:*:*:*:*:*", "matchCriteriaId": "6CD5A4AB-0CC2-4CAF-AAFA-0F866174842F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:usg_40_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "4B607CD6-BCD6-4004-8627-A4B3BDDF7677", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:usg_40:-:*:*:*:*:*:*:*", "matchCriteriaId": "D84DDB81-DE66-4427-8833-633B45A45A14", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:usg_40w_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "52F30BE8-6A60-4C43-8794-57B9D2A33438", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:usg_40w:-:*:*:*:*:*:*:*", "matchCriteriaId": "8F11F36C-60DB-4D81-A320-53EEE43758C1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:usg_60_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "8315C473-40B7-4EF0-A7E5-8C4BC1A79429", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:usg_60:-:*:*:*:*:*:*:*", "matchCriteriaId": "C65DB5E9-2FE3-4807-970E-A42FDF82B50E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:usg_60w_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "BA2E485D-C8B1-48E9-9E67-4433D9B318E8", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:usg_60w:-:*:*:*:*:*:*:*", "matchCriteriaId": "82864EF6-B63D-4947-A18C-AE0156CCA7FA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:usg_110_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "0567A656-4AFB-4457-A807-813ED71C37B3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:usg_110:-:*:*:*:*:*:*:*", "matchCriteriaId": "C7E32879-01A2-49B1-A354-068CEB1CA3A5", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:usg_2200-vpn_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "F34BD0D3-2682-48BA-9382-E24B6B299E57", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:usg_2200-vpn:-:*:*:*:*:*:*:*", "matchCriteriaId": "32F7F370-C585-45FE-A7F7-40BFF13928CF", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:usg_310_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "58F65D2A-8935-458A-9BD8-4D2EE1CEFCBE", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:usg_310:-:*:*:*:*:*:*:*", "matchCriteriaId": "38B7995C-80E0-413B-9F2C-387EF3703927", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:usg_1100_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "0AEF3A7B-9CC6-4876-AA56-8B58C69F537F", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:usg_1100:-:*:*:*:*:*:*:*", "matchCriteriaId": "EC4B9AC6-7C55-42BD-A1D8-F5D5A19AC59D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:usg_1900_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "A7214720-5FED-4BFD-89B4-BD6154711747", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:usg_1900:-:*:*:*:*:*:*:*", "matchCriteriaId": "92CE6F04-403B-4A52-A3A5-DD0190CF15D9", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:usg_20w-vpn_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "B74D51D7-7555-49A5-BCAC-B5FDE74D4261", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*", "matchCriteriaId": "6BEA412F-3DA1-4E91-9C74-0666147DABCE", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "ZyXEL ZyWALL/USG series devices have a Bleichenbacher vulnerability in their Internet Key Exchange (IKE) handshake implementation used for IPsec based VPN connections."}, {"lang": "es", "value": "Los dispositivos ZyXEL de la serie ZyWALL/USG tienen una vulnerabilidad de Bleichenbacher en su implementaci\u00f3n de handshake de intercambio de claves de Internet (IKE) utilizado para conexiones VPN basadas en IPsec."}], "id": "CVE-2018-9129", "lastModified": "2024-11-21T04:15:01.633", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0"}, "exploitabilityScore": 2.2, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-08-15T18:29:01.230", "references": [{"source": "cve@mitre.org", "url": "ftp://ftp.zyxel.com/USG110/firmware/USG110_4.32%28AAPH.0%29C0_2.pdf"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://web-in-security.blogspot.com/2018/08/practical-bleichenbacher-attacks-on-ipsec-ike.html"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "https://www.zyxel.com/support/bleichenbacher_attack_vulnerability.shtml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://ftp.zyxel.com/USG110/firmware/USG110_4.32%28AAPH.0%29C0_2.pdf"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://web-in-security.blogspot.com/2018/08/practical-bleichenbacher-attacks-on-ipsec-ike.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "https://www.zyxel.com/support/bleichenbacher_attack_vulnerability.shtml"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}