CVE-2023-25646
7.1
CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
Summary
There is an unauthorized access vulnerability in ZTE H388X. If H388X is caused by brute-force serial port cracking,attackers with common user permissions can use this vulnerability to obtain elevated permissions on the affected device by performing specific operations.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| ZTE | ZXHN H388X | V10.1: AGZHM_1.3.1 | affected |
Weaknesses
- CWE-281: CWE-281 Improper Preservation of Permissions
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.