|
Original release date: July 15, 2022 CVE ID CVE-2022-23141 CVSS 3.1 Base Score Medium 4.3(AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N) Description ZXMP M721 has an information leak vulnerability. Since the serial port authentication on the ZBOOT interface is not effective although it is enabled, an attacker could use this vulnerability to log in to the device to obtain sensitive information. Affected Products and Fixes Product Name | Affected Version | Resolved Version | ZXMP M721 | COMMOND21BOOTV100004_LS1045 | COMMOND21BOOTV100004_LS1046 |
Source The vulnerability was found by ZTE's internal test. Update Records July 15, 2022, initial. Version Update Method Please contact ZTE Global Customer Support Center to obtain the upgraded version. Global Customer Support Center http://support.zte.com.cn/support/web/Contact.aspx?_langType=en ZTE PSIRT https://www.zte.com.cn/global/cybersecurity/ztepsirt.html
|