Lucene search
ZteCVELIST:CVE-2023-25642HistoryDec 14, 2023 - 7:17 a.m.
CVE-2023-25642 Two Vulnerabilities in Some ZTE Mobile Internet Products
2023-12-1407:17:08
CWE-120
zte
www.cve.org
cve-2023-25642
two vulnerabilities
insufficient validation
tcp port
denial of service
5.9 Medium
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L
0.0004 Low
EPSS
Percentile
13.5%
There is a buffer overflow vulnerability in some ZTE mobile internet producsts. Due to insufficient validation of tcp port parameter, an authenticated attacker could use the vulnerability to perform a denial of service attack.
CNA Affected
[
{
"defaultStatus": "unaffected",
"platforms": [
"Linux"
],
"product": "MC801A",
"vendor": "ZTE",
"versions": [
{
"lessThanOrEqual": "B19",
"status": "affected",
"version": "MC801A_Elisa3_B19",
"versionType": "B19"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MC801A1",
"vendor": "ZTE",
"versions": [
{
"lessThanOrEqual": "B04",
"status": "affected",
"version": "MC801A1_Elisa1_B04",
"versionType": "B04"
}
]
}
]Related
cnvd
cnvd
ZTE MC801A tcp port parameter buffer overflow vulnerability
2023-12-18 00:00:00
cve
cve
CVE-2023-25642
2023-12-14 08:15:37
nvd
nvd
CVE-2023-25642
2023-12-14 08:15:37
prion
prion
Buffer overflow
2023-12-14 08:15:00
5.9 Medium
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L
0.0004 Low
EPSS
Percentile
13.5%
Related for CVELIST:CVE-2023-25642