CVE-2025-1732 — MEDIUM (6.7)

Vulnerability Description

An improper privilege management vulnerability in the recovery function of the Zyxel USG FLEX H series uOS firmware version V1.31 and earlier could allow an authenticated local attacker with administrator privileges to upload a crafted configuration file and escalate privileges on a vulnerable device.

CVSS Score

6.7

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Zyxel	Uos	1.31
Zyxel	Usg Flex 100H	-
Zyxel	Usg Flex 100Hp	-
Zyxel	Usg Flex 200H	-
Zyxel	Usg Flex 200Hp	-
Zyxel	Usg Flex 500H	-
Zyxel	Usg Flex 50H	-
Zyxel	Usg Flex 50Hp	-
Zyxel	Usg Flex 700H	-

Related Weaknesses (CWE)

CWE-269

References

https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisVendor Advisory

FAQ

What is CVE-2025-1732?

CVE-2025-1732 is a vulnerability with a CVSS score of 6.7 (MEDIUM). An improper privilege management vulnerability in the recovery function of the Zyxel USG FLEX H series uOS firmware version V1.31 and earlier could allow an authenticated local attacker with administr...

How severe is CVE-2025-1732?

CVE-2025-1732 has been rated MEDIUM with a CVSS base score of 6.7/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-1732?

Check the references section above for vendor advisories and patch information. Affected products include: Zyxel Uos, Zyxel Usg Flex 100H, Zyxel Usg Flex 100Hp, Zyxel Usg Flex 200H, Zyxel Usg Flex 200Hp.