CVE-2022-0823 MEDIUM

CVE-2022-0823

Vendor Zyxel
Product Zyxel GS1200 series firmware
Weakness CWE-203
Published June 7, 2022
Last update August 2, 2024

CVSS base score

6.2/10
Attack vector Local
Attack complexity Low
Privileges required None
User interaction None
Confidentiality High
Integrity None

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

What the vulnerability does

01Description

An improper control of interaction frequency vulnerability in Zyxel GS1200 series switches could allow a local attacker to guess the password by using a timing side-channel attack.

Key dates

02Disclosure timeline

June 7, 2022 CVE published
August 2, 2024 Record updated