Vulnerability Description
There is an unauthorized access vulnerability in some ZTE mobile phones. If a malicious application is installed on the phone, it could overwrite some system configuration files and user installers without user permission.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Zte | Blade A52 Firmware | < m02 |
| Zte | Blade A52 | - |
| Zte | Blade A51 Firmware | < m07 |
| Zte | Blade A51 | - |
| Zte | Blade A3 Lite Firmware | < m09 |
| Zte | Blade A3 Lite | - |
| Zte | Blade A5 2020 Firmware | < m05 |
| Zte | Blade A5 2020 | - |
| Zte | Blade L210 Firmware | < 1.14 |
| Zte | Blade L210 | - |
| Zte | Blade A7S Firmware | < 2.2 |
| Zte | Blade A7S | - |
| Zte | Blade A31 Firmware | < m03 |
| Zte | Blade A31 | - |
| Zte | Blade A31 Plus Firmware | < m04 |
| Zte | Blade A31 Plus | - |
| Zte | Blade A5 2019 Firmware | < m13 |
| Zte | Blade A5 2019 | - |
| Zte | Blade A71 Firmware | < 2.4 |
| Zte | Blade A71 | - |
References
- https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1030664Vendor Advisory
- https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1030664Vendor Advisory
FAQ
What is CVE-2022-39071?
CVE-2022-39071 is a vulnerability with a CVSS score of 7.1 (HIGH). There is an unauthorized access vulnerability in some ZTE mobile phones. If a malicious application is installed on the phone, it could overwrite some system configuration files and user installers wi...
How severe is CVE-2022-39071?
CVE-2022-39071 has been rated HIGH with a CVSS base score of 7.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-39071?
Check the references section above for vendor advisories and patch information. Affected products include: Zte Blade A52 Firmware, Zte Blade A52, Zte Blade A51 Firmware, Zte Blade A51, Zte Blade A3 Lite Firmware.