← voltar
CVE-2023-25645

CVE-2023-25645

CVSS 7.7 HIGHEPSS 0.3%CWE-276
Vexday Risk Score
21Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 7.7EPSS 0.3%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
16 jun 2023Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
There is a permission and access control vulnerability in some ZTE AndroidTV STBs. Due to improper permission settings, non-privileged application can perform functions that are protected with signature/privilege-level permissions. Exploitation of this vulnerability could clear personal data and applications on the user's device, affecting device operation.
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
Produtos afetados
n/a · UP T2 4K, ZXV10 B866V2-H, ZXV10 B866V2, ZXV10 B860H V5D0, ZXV10 B866V2F

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1031464