|
Original Release Date: January 4 2024 Vulnerability ID CVE ID: CVE-2023-41784 CNNVD ID: CNNVD-2024-72942896 CVSS 3.1 Base Score 6.6 Medium (AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:L) Description There is a permissions privileges and access control vulnerability in ZTE Red Magic products. Due to improper access control,when the vulnerability exploited by attackers,some applications may have unauthorized access to related directories.
Affected Products and Fixes Product Name | Affected Version | Resolved Version | Red Magic 8 Pro | GEN_CN_NX729JV1.0.0B21MR | GEN_CN_NX729JV1.0.0B22MR2 |
Acknowledgement ZTE thanks BuddyTyrannosaurus for paying attention to our products and cooperating with us to disclose vulnerability. Update Records January 4 2024, initial. Version Update Method Affected users can upgrade the version through the Settings app. Global Customer Support Center https://support.ztedevices.com/ ZTE PSIRT https://www.zte.com.cn/global/cybersecurity/ztepsirt.html
|