Unauthorized Access Vulnerability in ZTE H388X

CVE-2023-25646

7.1HIGH

Key Information

Vendor: Zte
Status: Zxhn H388x
Vendor: CVE Published:; 20 June 2024

Summary

There is an unauthorized access vulnerability in ZTE H388X. If H388X is caused by brute-force serial port cracking,attackers with common user permissions can use this vulnerability to obtain elevated permissions on the affected device by performing specific operations.

Affected Version(s)

ZXHN H388X = V10.1: AGZHM_1.3.1

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Physical

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published.
Jun 20, 2024
Vulnerability Reserved.
Feb 9, 2023

Collectors

NVD DatabaseMitre Database