- What is the Zyxel CNA?
- Zyxel is a CVE Numbering Authority (CNA) — an organization authorized to assign CVE IDs to vulnerabilities in its scope. It has published 144 CVE records since 2021.
- How many CVEs has Zyxel published?
- Zyxel has published 144 CVE records, including 53 in the last two years.
- What is Zyxel's CVE data quality grade?
- RadicalNotion.AI grades Zyxel's CVE data quality as A, with an overall completeness score of 100%. This reflects how consistently its CVE records include vendor (100%), product (100%), CVSS (100%), and CWE (100%) information.
- What products does Zyxel publish CVEs for?
- Zyxel most frequently publishes CVEs for usg flex 500, usg flex 700, usg flex 200, usg flex 100w, USG FLEX series Firmware.
- Which vendors does Zyxel cover?
- Zyxel publishes CVEs across 2 distinct vendors, most often Zyxel.
- Is Zyxel actively publishing CVEs?
- Zyxel is currently active, based on 53 CVEs in the last two years.
- What is the average severity of Zyxel's CVEs?
- The average CVSS base score across Zyxel's scored CVEs is 7.3.
- How many critical CVEs has Zyxel published?
- Zyxel has published 28 critical-severity CVEs and 71 high-severity CVEs.
- Are any of Zyxel's CVEs in CISA's Known Exploited Vulnerabilities catalog?
- Yes. 8 of Zyxel's CVEs are listed in CISA's Known Exploited Vulnerabilities (KEV) catalog, meaning they are confirmed to be exploited in the wild.
- What are the most common weakness types in Zyxel's CVEs?
- Zyxel's CVEs most often map to these CWE weakness types: CWE-78 (Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')), CWE-120 (Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')), CWE-269 (Improper Privilege Management), CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')).
- How does Zyxel rank among CNAs?
- By total CVE volume, Zyxel ranks #108 of 370 CNAs, and it reports more complete CVE records than 60% of all CNAs.