Lucene search

[email protected]NVD:CVE-2022-39074

HistoryMay 30, 2023 - 11:15 p.m.

CVE-2022-39074

2023-05-3023:15:09

[email protected]

web.nvd.nist.gov

cve-2022-39074

unauthorized access

zte

mobile phones

malicious application

non-public interface

CVSS3

3.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

AI Score

3.9

Confidence

High

EPSS

Percentile

10.5%

JSON

There is an unauthorized access vulnerability in some ZTE mobile phones. If a malicious application is installed on the phone, it could start a non-public interface of an application without user permission.

Affected configurations

Nvd

Node

zteblade_a52_firmwareRange<m02

AND

zteblade_a52Match-

Node

zteblade_a51Match-

AND

zteblade_a51_firmwareRange<m07

Node

zteblade_a3_liteMatch-

AND

zteblade_a3_lite_firmwareRange<m09

Node

zteblade_a5_2020Match-

AND

zteblade_a5_2020_firmwareRange<m05

Node

zteblade_l210Match-

AND

zteblade_l210_firmwareRange<1.14

Node

zteblade_a7sMatch-

AND

zteblade_a7s_firmwareRange<2.2

Node

zteblade_a31Match-

AND

zteblade_a31_firmwareRange<m03

Node

zteblade_a31_plusMatch-

AND

zteblade_a31_plus_firmwareRange<m04

Node

zteblade_a5_2019Match-

AND

zteblade_a5_2019_firmwareRange<m13

Node

zteblade_a71Match-

AND

zteblade_a71_firmwareRange<2.4

Node

zteblade_a72Match-

AND

zteblade_a72_firmwareRange<11.0.3

Node

zteblade_v20_smartMatch-

AND

zteblade_v20_smart_firmwareRange<1.14

Node

zteblade_v30Match-

AND

zteblade_v30_firmwareRange<1.11

Node

zteblade_v30_vita_firmwareRange<1.11

AND

zteblade_v30_vitaMatch-

Node

ztev40_pro_firmwareRange<11.0.4_9046

AND

ztev40_proMatch-

Node

zteblade_v40_vita_firmwareRange<11.0.2_8045

AND

zteblade_v40_vitaMatch-

Node

zteaxon_40_ultra_firmwareRange<1.0.0b26

AND

zteaxon_40_ultraMatch-

VendorProductVersionCPE
zteblade_a52_firmware*cpe:2.3:o:zte:blade_a52_firmware:*:*:*:*:*:*:*:*
zteblade_a52-cpe:2.3:h:zte:blade_a52:-:*:*:*:*:*:*:*
zteblade_a51-cpe:2.3:h:zte:blade_a51:-:*:*:*:*:*:*:*
zteblade_a51_firmware*cpe:2.3:o:zte:blade_a51_firmware:*:*:*:*:*:*:*:*
zteblade_a3_lite-cpe:2.3:h:zte:blade_a3_lite:-:*:*:*:*:*:*:*
zteblade_a3_lite_firmware*cpe:2.3:o:zte:blade_a3_lite_firmware:*:*:*:*:*:*:*:*
zteblade_a5_2020-cpe:2.3:h:zte:blade_a5_2020:-:*:*:*:*:*:*:*
zteblade_a5_2020_firmware*cpe:2.3:o:zte:blade_a5_2020_firmware:*:*:*:*:*:*:*:*
zteblade_l210-cpe:2.3:h:zte:blade_l210:-:*:*:*:*:*:*:*
zteblade_l210_firmware*cpe:2.3:o:zte:blade_l210_firmware:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
zte	blade_a52_firmware	*	cpe:2.3:o:zte:blade_a52_firmware::::::::
zte	blade_a52	-	cpe:2.3:h:zte:blade_a52:-:::::::*
zte	blade_a51	-	cpe:2.3:h:zte:blade_a51:-:::::::*
zte	blade_a51_firmware	*	cpe:2.3:o:zte:blade_a51_firmware::::::::
zte	blade_a3_lite	-	cpe:2.3:h:zte:blade_a3_lite:-:::::::*
zte	blade_a3_lite_firmware	*	cpe:2.3:o:zte:blade_a3_lite_firmware::::::::
zte	blade_a5_2020	-	cpe:2.3:h:zte:blade_a5_2020:-:::::::*
zte	blade_a5_2020_firmware	*	cpe:2.3:o:zte:blade_a5_2020_firmware::::::::
zte	blade_l210	-	cpe:2.3:h:zte:blade_l210:-:::::::*
zte	blade_l210_firmware	*	cpe:2.3:o:zte:blade_l210_firmware::::::::

Rows per page:

1-10 of 341

References

support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1030664

CVSS3

3.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

AI Score

3.9

Confidence

High

EPSS

Percentile

10.5%

JSON

Related for NVD:CVE-2022-39074

cvelist1 prion1 cve1