CVE-2022-39071

{"id": "CVE-2022-39071", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 5.2, "exploitabilityScore": 1.8}]}, "published": "2023-05-30T23:15:09.273", "references": [{"url": "https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1030664", "tags": ["Vendor Advisory"], "source": "psirt@zte.com.cn"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "There is an unauthorized access vulnerability in some ZTE mobile phones. If a malicious application is installed on the phone, it could overwrite some system configuration files and user installers without user permission."}], "lastModified": "2023-06-07T14:40:35.163", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:zte:blade_a52_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2DCC936C-DBBD-48AA-9137-F381048965E3", "versionEndExcluding": "m02"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:zte:blade_a52:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4375046D-68CA-46E5-969B-1285B69F0B7E"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:zte:blade_a51_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A7A6A9E2-8533-430C-97F4-8424C4D73869", "versionEndExcluding": "m07"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:zte:blade_a51:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F04649EA-CA70-464A-9757-F0C6AB4DE702"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:zte:blade_a3_lite_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C9597C54-7308-4B43-AF04-9E6A38022ABE", "versionEndExcluding": "m09"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:zte:blade_a3_lite:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5E58B690-37E5-4FC7-8E60-43B1E9246E24"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:zte:blade_a5_2020_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "30C94446-4764-4FD7-9F67-15E3CD0D0D90", "versionEndExcluding": "m05"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:zte:blade_a5_2020:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0AF55F5F-0133-48D7-948B-C17713876B64"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:zte:blade_l210_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4A78D396-C7E1-460A-9CD9-228D8A658DA5", "versionEndExcluding": "1.14"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:zte:blade_l210:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "22FCAC68-6802-4F75-B74C-BF1A1027379E"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:zte:blade_a7s_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1F0C095C-9442-43B6-8387-3FBBC1530834", "versionEndExcluding": "2.2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:zte:blade_a7s:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "72824985-D247-42FD-830A-E14126BD9564"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:zte:blade_a31_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8A5A6D1A-B7C7-45C4-A804-23EDFF899C46", "versionEndExcluding": "m03"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:zte:blade_a31:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "28D8EE5A-2116-47C8-AB8C-C0E92B05A5CF"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:zte:blade_a31_plus_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7957E560-4710-444C-AE02-6D5B78FE2173", "versionEndExcluding": "m04"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:zte:blade_a31_plus:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "16A6D44D-8329-4184-9C96-125B1216A147"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:zte:blade_a5_2019_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8A2FA782-2B80-46C5-AA04-3B295A9F2FA1", "versionEndExcluding": "m13"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:zte:blade_a5_2019:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "603B4CB3-4820-4C52-8D7D-B6FA12986D69"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:zte:blade_a71_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B0708E04-2747-4454-91A2-E6D4E8653330", "versionEndExcluding": "2.4"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:zte:blade_a71:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D6A5874F-3ED4-43E9-A74C-46EE10A155FC"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:zte:blade_a72_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4C68C556-C42D-4576-9D1C-659DCBFA6727", "versionEndExcluding": "11.0.3"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:zte:blade_a72:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "61A5C21C-FF84-4F9D-AEB0-DF65BA7E95CC"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:zte:blade_v20_smart_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0C2ABF13-488E-40EB-B38A-3952781584E9", "versionEndExcluding": "1.14"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:zte:blade_v20_smart:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0D4B62DA-8444-4E2B-99EC-1E2C5D461884"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:zte:blade_v30_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9D710F4D-160E-4EF7-9E14-DB191AF257DE", "versionEndExcluding": "1.11"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:zte:blade_v30:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "96BA29D9-5F3B-4CED-9BB7-C592B96783E5"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:zte:blade_v30_vita_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D0889637-EA9E-4246-ABC3-60EAEF5C83F2", "versionEndExcluding": "1.11"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:zte:blade_v30_vita:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5C8CD2AE-1E1A-4A7F-8EB4-2042B5133E1F"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:zte:v40_pro_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F23C14A8-9DC8-4F43-B33C-0CD1DDEF57B6", "versionEndExcluding": "11.0.4_9046"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:zte:v40_pro:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FF7A3907-B6FE-404F-B88C-7534903D9821"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:zte:blade_v40_vita_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8198FF61-A3E0-4FB7-A44C-1A933E73F4F2", "versionEndExcluding": "11.0.2_8045"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:zte:blade_v40_vita:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2DFDF882-AA8A-4D2D-86C8-F91833E6A1C6"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:zte:axon_40_ultra_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8966DAC9-4EE0-41DE-988E-8D6E5F6A06E1", "versionEndExcluding": "1.0.0b26"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:zte:axon_40_ultra:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3C9F41AC-BCE6-416B-B11F-D86769525F9D"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "psirt@zte.com.cn"}