CVE-2020-6875
Severity Score
9.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
A ZTE product is impacted by the improper access control vulnerability. Due to lack of an authentication protection mechanism in the program, attackers could use this vulnerability to gain access right through brute-force attacks. This affects: <ZXONE 19700 SNPE><ZXONE8700V1.40R2B13_SNPE>
Un producto ZTE está afectado por una vulnerabilidad de control de acceso inapropiado. Debido a una falta de un mecanismo de protección de autenticación en el programa, unos atacantes podrían usar esta vulnerabilidad para conseguir derecho de acceso por medio de ataques de fuerza bruta. Esto afecta a: (ZXONE 19700 SNPE)(ZXONE8700V1.40R2B13_SNPE)
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2020-01-13 CVE Reserved
- 2020-10-05 CVE Published
- 2023-06-21 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-306: Missing Authentication for Critical Function
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1013643 | 2021-07-21 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Zte Search vendor "Zte" | Zxone 19700 Snpe Firmware Search vendor "Zte" for product "Zxone 19700 Snpe Firmware" | zxone8700v1.40r2b13_snpe Search vendor "Zte" for product "Zxone 19700 Snpe Firmware" and version "zxone8700v1.40r2b13_snpe" | - |
Affected
| in | Zte Search vendor "Zte" | Zxone 19700 Snpe Search vendor "Zte" for product "Zxone 19700 Snpe" | - | - |
Safe
|