"we have identified the vulnerable CPE that are within their warranty and support period and are releasing firmware patches to address the issue"
This suggests to me that other, older, devices are also affected but they aren't going to patch them, which isn't great really.
Indeed, I fear you are correct. You missed a few critical words from the end of that quote...
as shown in the table below.
The devices listed are only those that are within their warranty and support period, and not necessarily all those affected.
For example the VMG8x24-B10A may also be affected, but it's well outside any support period.
Not good.
They clearly state the XMG3927-B50A will receive firmware version V5.15(ABMT.5)C0 in Dec 2020.
Currently V5.13 is on the ftp site.
They do state...
For users who purchased the listed devices on their own, please contact your local Zyxel support team for the new firmware file to ensure optimal protection.
Meaning the firmware may need to be obtained from Zyxel support until they update the ftp directories.
They may also just be behind their targeted firmware fix dates.
It would not surprise me if Zyxel ask for the serial number of any device to confirm it is a retail model before providing any support, as they have done many times in the past.
made request for sourcecode, it's in a KCOM box
model number XMG3927-B50A-GB01V1F
They may not give you any support as it's an ISP provided device unfortunately.