CVSS: 4.7EPSS: 0%CPEs: 8EXPL: 0CVE-2023-25647 – Permission and Access Control Vulnerability in Some ZTE Mobile Phones
https://notcve.org/view.php?id=CVE-2023-25647
There is a permission and access control vulnerability in some ZTE mobile phones. Due to improper access control, applications in mobile phone could monitor the touch event. • https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1032264 • CWE-269: Improper Privilege Management CWE-863: Incorrect Authorization •
CVSS: 3.3EPSS: 0%CPEs: 34EXPL: 0CVE-2022-39074
https://notcve.org/view.php?id=CVE-2022-39074
There is an unauthorized access vulnerability in some ZTE mobile phones. If a malicious application is installed on the phone, it could start a non-public interface of an application without user permission. • https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1030664 •
CVSS: 7.1EPSS: 0%CPEs: 34EXPL: 0CVE-2022-39075
https://notcve.org/view.php?id=CVE-2022-39075
There is an unauthorized access vulnerability in some ZTE mobile phones. If a malicious application is installed on the phone, it could delete some system files without user permission. • https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1030664 •
CVSS: 7.1EPSS: 0%CPEs: 34EXPL: 0CVE-2022-39071
https://notcve.org/view.php?id=CVE-2022-39071
There is an unauthorized access vulnerability in some ZTE mobile phones. If a malicious application is installed on the phone, it could overwrite some system configuration files and user installers without user permission. • https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1030664 •