|
Original release date: June 22, 2021 CVE ID CVE-2021-21737 CVSS 3.1 Base Score 6.8 Medium (AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N) Description A smart STB product of ZTE is impacted by a permission and access control vulnerability. Due to insufficient protection of system application, attackers could use this vulnerability to tamper with the system desktop and affect system customization functions. Affected Products and Fixes Product Name | Affected Version | Resolved Version | ZXV10 B860H V5.0 | V83011303.0010 V83011303.0016 | V83011303.0019 |
Source The vulnerability was found by ZTE's internal test. Update Records June 22, 2021, initial. Supporting team contacts 1. ZTE GCSC hotline: 0755-26770800 800-830-1118 400-830-1118 2. Product forum at ZTE Support website. ZTE PSIRT If you need to report security vulnerabilities related to ZTE products, or get ZTE product security incident response service and vulnerability information, please contact ZTE PSIRT: psirt@zte.com.cn, PGP key ID: FF095577.
|