Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2020-6875

A ZTE product is impacted by the improper access control vulnerability. Due to lack of an authentication protection mechanism in the program, attackers could use this vulnerability to gain access right through brute-force attacks. This affects: <ZXONE 19700 SNPE><ZXONE8700V1.40R2B13_SNPE>

Published

2020-10-05T15:15:12.263

Last Modified

2024-11-21T05:36:20.217

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 9.8 (CRITICAL)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: NONE
Availability Impact: NONE

Exploitability Score

10.0

Impact Score

2.9

Weaknesses

Type: Primary
CWE-306

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	zte	zxone_19700_snpe_firmware	zxone8700v1.40r2b13_snpe	Yes
Hardware	zte	zxone_19700_snpe	-	No

References

http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1013643 Vendor Advisory ([email protected])
http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1013643 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)