Security Advisory

CVE-2025-1732

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-04-22 01:57:35

Last updated 2026-02-26 18:28:08

Assigner Zyxel

State PUBLISHED

Description

An improper privilege management vulnerability in the recovery function of the Zyxel USG FLEX H series uOS firmware version V1.31 and earlier could allow an authenticated local attacker with administrator privileges to upload a crafted configuration file and escalate privileges on a vulnerable device.

← Browse all CVEs View on cve.org ↗