Design/Logic Flaw

2023-05-3023:15:00

PRIOn knowledge base

www.prio-n.com

unauthorized access

zte mobile phones

vulnerability

malicious application

non-public interface

4.1 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

10.6%

JSON

There is an unauthorized access vulnerability in some ZTE mobile phones. If a malicious application is installed on the phone, it could start a non-public interface of an application without user permission.

CPENameOperatorVersion
axon_40_ultra_firmwareeq< 1.0.0b26
blade_a31_firmwareeq< m3
blade_a31_plus_firmwareeq< m4
blade_a3_lite_firmwareeq< m9
blade_a51_firmwareeq< m7
blade_a52_firmwareeq< m2
blade_a5_2019_firmwareeq< m13
blade_a5_2020_firmwareeq< m5
blade_a71_firmwarelt2.4
blade_a72_firmwarelt11.0.3

Name	Operator	Version
axon_40_ultra_firmware	eq	< 1.0.0b26
blade_a31_firmware	eq	< m3
blade_a31_plus_firmware	eq	< m4
blade_a3_lite_firmware	eq	< m9
blade_a51_firmware	eq	< m7
blade_a52_firmware	eq	< m2
blade_a5_2019_firmware	eq	< m13
blade_a5_2020_firmware	eq	< m5
blade_a71_firmware	lt	2.4
blade_a72_firmware	lt	11.0.3