CVE-2022-39068

Summary

There is a buffer overflow vulnerability in ZTE MF296R. Due to insufficient validation of the SMS parameter length, an authenticated attacker could use the vulnerability to perform a denial of service attack.

Affected Software

VendorProductVersion RangeStatus
ZTEMF296RMF296R_Nordic1_B06affected

Weaknesses

  • CWE-122: CWE-122 Heap-based Buffer Overflow

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References