Zyxel Patches Privilege Management Vulnerabilities in USG FLEX H Series Firewalls

Zyxel Networks has released critical security patches to address two high-severity vulnerabilities in its USG FLEX H series firewalls that could potentially allow attackers to escalate privileges and gain unauthorized access to affected devices. 

The security advisory, published on April 22, 2025, details the patches for CVE-2025-1731 and CVE-2025-1732, which impact multiple firmware versions of the company’s enterprise-grade security appliances.

Zyxel USG FLEX H Series Vulnerabilities

Security researchers identified an incorrect permission assignment vulnerability (CVE-2025-1731) in the PostgreSQL commands of USG FLEX H series uOS firmware versions V1.20 through V1.31. 

This critical flaw received a CVSS base score of 7.8, indicating its significant security impact. The vulnerability potentially allows an authenticated local attacker with low privileges to gain access to the Linux shell and escalate their privileges to the administrator level.

The advisory explains that "the exploitation path is particularly concerning as it enables attackers to craft malicious scripts or modify system configurations through a stolen token."

"However, modification of system configurations is only possible if the administrator remains logged in and their token remains valid."

The second vulnerability, CVE-2025-1732, involves improper privilege management in the recovery function of the identical firmware versions. 

This vulnerability could enable an authenticated local attacker with administrator privileges to upload a specially crafted configuration file and further escalate privileges on vulnerable devices.

The vulnerabilities were discovered by security researchers Alessandro Sgreccia from HackerHood and Marco Ivaldi from HN Security.

| CVE | Affected products | Impact | Exploit prerequisites | CVSS 3.1 score |
|---|---|---|---|---|
| CVE-2025-1731 | Zyxel USG FLEX H series firewalls, uOS V1.20 to V1.31 | Local privilege escalation | Attacker must have authenticated local access with low privileges; administrator must not have logged out | 7.8 (High) |
| CVE-2025-1732 | Zyxel USG FLEX H series firewalls, uOS V1.20 to V1.31 | Privilege escalation | Attacker must have authenticated local access with administrator privileges | 6.7 (Medium) |

Affected Systems and Patch Released

Zyxel’s investigation identified the USG FLEX H series as the only vulnerable product line within the current support period. The company has released firmware update uOS V1.32 to address both vulnerabilities.
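The advisory gives a clean rule for exposure: the USG FLEX H series on uOS V1.20 through V1.31 needs the V1.32 update. The script below is an added example (not Zyxel's code or tooling) that applies that rule to a device inventory so a defender can list what still needs patching. The inventory, hostnames and model strings are constructed for the example; the version parser compares numerically so that a string such as V1.4 is correctly treated as older than V1.20 rather than sorted lexically.

```python
import re
from typing import Dict, Iterable, Optional, Tuple

# Affected range and fixed version as stated in the Zyxel advisory.
AFFECTED_MIN = (1, 20)   # uOS V1.20
AFFECTED_MAX = (1, 31)   # uOS V1.31
FIXED = (1, 32)          # uOS V1.32

# Accepts "V1.31", "uOS V1.20", "1.32"; anything else is reported as unknown.
_VERSION_RE = re.compile(r"^\s*(?:uOS\s*)?V?(\d+)\.(\d+)\s*$", re.IGNORECASE)

# Model naming ("USG FLEX 200H" etc.) is an assumption for this example; the
# advisory itself only names the "USG FLEX H series".
_H_SERIES_RE = re.compile(r"USG FLEX \d*H\b", re.IGNORECASE)


def parse_uos_version(text: str) -> Optional[Tuple[int, int]]:
    """Return (major, minor) for a uOS version string, or None if unparseable.

    Returning None instead of a default keeps a malformed inventory entry from
    being silently classified as safe.
    """
    m = _VERSION_RE.match(text)
    if not m:
        return None
    return int(m.group(1)), int(m.group(2))


def is_affected(version: str) -> Optional[bool]:
    """True if the version lies in the advisory's affected range, None if unknown."""
    v = parse_uos_version(version)
    if v is None:
        return None
    return AFFECTED_MIN <= v <= AFFECTED_MAX


def triage(inventory: Iterable[Tuple[str, str, str]]) -> Dict[str, str]:
    """Map each hostname to 'patch', 'ok', 'not-h-series' or 'unknown'.

    inventory items are (hostname, product, firmware_version) tuples.
    """
    result: Dict[str, str] = {}
    for host, product, version in inventory:
        if not _H_SERIES_RE.search(product):
            # The advisory scopes the issue to the USG FLEX H series only.
            result[host] = "not-h-series"
            continue
        state = is_affected(version)
        if state is None:
            result[host] = "unknown"
        else:
            result[host] = "patch" if state else "ok"
    return result


# Constructed sample inventory; none of these devices or versions come from the article.
SAMPLE_INVENTORY = [
    ("fw-hq-01", "Zyxel USG FLEX 200H", "uOS V1.31"),   # in affected range
    ("fw-branch-02", "Zyxel USG FLEX 100H", "V1.32"),   # already on the fixed release
    ("fw-lab-03", "Zyxel USG FLEX 500H", "V1.4"),       # 1.4 < 1.20 numerically, not lexically
    ("fw-old-04", "Zyxel USG FLEX 200", "V5.38"),       # not the H series, out of scope
    ("fw-dc-05", "Zyxel USG FLEX 700H", "unknown"),     # malformed version field
]

if __name__ == "__main__":
    for host, state in triage(SAMPLE_INVENTORY).items():
        print(f"{host}: {state}")
```

Devices reported as `unknown` deserve a manual look rather than being assumed patched; a blank or malformed version field in an asset database is a common way for an exposed appliance to drop out of a patch campaign.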

Security experts recommend immediate patching, as privilege escalation vulnerabilities are frequently exploited in targeted attacks against enterprise environments.

The USG FLEX H series, launched as Zyxel’s advanced security solution, features next-generation multi-core hardware and delivers three times the firewall, VPN, and Unified Threat Management performance compared to previous generations. 

Despite their sophisticated architecture, these devices remain susceptible to software vulnerabilities requiring regular security updates.

Users are strongly advised to install the patches immediately and implement defense-in-depth strategies, including minimizing external management interface exposure and implementing strong authentication policies. 

The discovery underscores the critical importance of regular security updates for network security appliances, which often serve as the first line of defense against external threats.

The post Zyxel Patches Privilege Management Vulnerabilities in USG FLEX H Series Firewalls appeared first on Cyber Security News.
