CVE-2022-39074

CVSS 3.3 LOWEPSS 0.3%

There is an unauthorized access vulnerability in some ZTE mobile phones. If a malicious application is installed on the phone, it could start a non-public interface of an application without user permission.

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Productos afectados

n/a · ZTE Blade A52, ZTE Blade A51, ZTE Blade A3 Lite, ZTE Blade A5 2020, ZTE Blade L210, ZTE Blade A7s, ZTE Blade A31, ZTE Blade A31 Plus, ZTE Blade A5 (2019), ZTE Blade A71, ZTE Blade A72, ZTE Blade V20 Smart, ZTE Blade V30, ZTE Blade V30 Vita, ZTE V40 Pro, ZTE Blade V40 Vita, ZTE Axon 40 Ultra

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1030664