CVE-2024-38268 MEDIUM

CVE-2024-38268

Vendor Zyxel
Product VMG8825-T50K firmware
Weakness CWE-119
Published September 24, 2024
Last update September 24, 2024

CVSS base score

4.9/10
Attack vector Network
Attack complexity Low
Privileges required High
User interaction None
Confidentiality None
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

What the vulnerability does

01Description

An improper restriction of operations within the bounds of a memory buffer in the MAC address parser of the Zyxel VMG8825-T50K firmware versions through 5.50(ABOM.8)C0 could allow an authenticated attacker with administrator privileges to cause potential memory corruptions, resulting in a thread crash on an affected device.

Key dates

02Disclosure timeline

September 24, 2024 CVE published
September 24, 2024 Record updated