CVE-2023-33009CISA KEVEPSS p97.9%

CVE-2023-33009Zyxel Multiple Firewalls Buffer Overflow Vulnerability

Zyxel / Multiple Firewalls

Description

Zyxel ATP, USG FLEX, USG FLEX 50(W), USG20(W)-VPN, VPN, and ZyWALL/USG firewalls contain a buffer overflow vulnerability in the notification function that could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and remote code execution on an affected device.

Scoring

EPSS28.14% probability of exploitation · percentile 97.9% · 2026-06-18T12:00:27Z

CISA KEV entry

Added to KEV: 2023-06-05

(incoming)1

TypeTargetConfidenceTier
KEVEntryZyxel Multiple Firewalls Buffer Overflow Vulnerabilitykev-cve-2023-330090%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
Zyxel Multiple Firewalls OS Command Injection Vulnerability
CVE
CVE-2026-3870
CVE
CVE-2026-3871
CVE
Zyxel Multiple NAS Devices Command Injection Vulnerability
CVE
CVE-2025-7673
CVE
Zyxel Multiple NAS Devices OS Command Injection Vulnerability
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.