CVE-2020-6867
Severity Score
5.5
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
ZTE's SDON controller is impacted by the resource management error vulnerability. When RPC is frequently called by other applications in the case of mass traffic data in the system, it will result in no response for a long time and memory overflow risk. This affects: ZENIC ONE R22b versions V16.19.10P02SP002 and V16.19.10P02SP005.
El controlador SDON de ZTE está afectado por una vulnerabilidad de error de administración de los recursos. Cuando RPC es frecuentemente llamado por otras aplicaciones en el caso de datos de tráfico masivo en el sistema, resultaría en no responder por un largo tiempo y un riesgo de desbordamiento de memoria. Esto afecta a: ZENIC ONE R22b versiones V16.19.10P02SP002 y V16.19.10P02SP005.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2020-01-13 CVE Reserved
- 2020-04-30 CVE Published
- 2024-01-31 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1012842 | 2022-07-12 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Zte Search vendor "Zte" | Zenic One R22b Search vendor "Zte" for product "Zenic One R22b" | 6.19.10p02sp005 Search vendor "Zte" for product "Zenic One R22b" and version "6.19.10p02sp005" | - |
Affected
| ||||||
| Zte Search vendor "Zte" | Zenic One R22b Search vendor "Zte" for product "Zenic One R22b" | 16.19.10p02sp002 Search vendor "Zte" for product "Zenic One R22b" and version "16.19.10p02sp002" | - |
Affected
| ||||||