CVE-2023-25646 (GCVE-0-2023-25646)
Vulnerability from cvelistv5 – Published: 2024-06-20 06:20 – Updated: 2024-08-02 11:25
VLAI?
Summary
There is an unauthorized access vulnerability in ZTE H388X. If H388X is caused by brute-force serial port cracking,attackers with common user permissions can use this vulnerability to obtain elevated permissions on the affected device by performing specific operations.
Severity ?
7.1 (High)
CWE
- CWE-281 - Improper Preservation of Permissions
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ZTE | ZXHN H388X |
Affected:
V10.1: AGZHM_1.3.1
(custom)
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:zte:zxhn_h388x_firmware:h388x_v10.1_agzhm_1.3.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "zxhn_h388x_firmware",
"vendor": "zte",
"versions": [
{
"lessThan": "h388x_v10.1_agzhm_1.4.0",
"status": "affected",
"version": "h388x_v10.1_agzhm_1.3.1",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-25646",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-25T19:09:05.696519Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-26T20:10:48.349Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:25:19.252Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1035844"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux"
],
"product": "ZXHN H388X",
"vendor": "ZTE",
"versions": [
{
"status": "affected",
"version": "V10.1: AGZHM_1.3.1",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere is an unauthorized access vulnerability in ZTE H388X. If H388X is caused by brute-force serial port cracking,attackers with common user permissions can use this vulnerability to obtain elevated permissions on the affected device by performing specific operations.\u003c/p\u003e\u003cbr\u003e"
}
],
"value": "There is an unauthorized access vulnerability in ZTE H388X. If H388X is caused by brute-force serial port cracking,attackers with common user permissions can use this vulnerability to obtain elevated permissions on the affected device by performing specific operations."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-281",
"description": "CWE-281 Improper Preservation of Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T06:20:44.058Z",
"orgId": "6786b568-6808-4982-b61f-398b0d9679eb",
"shortName": "zte"
},
"references": [
{
"url": "https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1035844"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eH388X V10.1: AGZHM_1.4.0\u003c/span\u003e\n\n\u003cbr\u003e"
}
],
"value": "H388X V10.1: AGZHM_1.4.0"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Permission and Access Control Vulnerability in ZTE H388X",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "6786b568-6808-4982-b61f-398b0d9679eb",
"assignerShortName": "zte",
"cveId": "CVE-2023-25646",
"datePublished": "2024-06-20T06:20:44.058Z",
"dateReserved": "2023-02-09T19:47:48.022Z",
"dateUpdated": "2024-08-02T11:25:19.252Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"descriptions": "[{\"lang\": \"en\", \"value\": \"There is an unauthorized access vulnerability in ZTE H388X. If H388X is caused by brute-force serial port cracking,attackers with common user permissions can use this vulnerability to obtain elevated permissions on the affected device by performing specific operations.\"}, {\"lang\": \"es\", \"value\": \"Existe una vulnerabilidad de acceso no autorizado en ZTE H388X. Si H388X es causado por un craqueo del puerto serie por fuerza bruta, los atacantes con permisos de usuario comunes pueden usar esta vulnerabilidad para obtener permisos elevados en el dispositivo afectado mediante la realizaci\\u00f3n de operaciones espec\\u00edficas.\"}]",
"id": "CVE-2023-25646",
"lastModified": "2024-11-21T07:49:51.623",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"psirt@zte.com.cn\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H\", \"baseScore\": 7.1, \"baseSeverity\": \"HIGH\", \"attackVector\": \"PHYSICAL\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 0.5, \"impactScore\": 6.0}]}",
"published": "2024-06-20T07:15:41.340",
"references": "[{\"url\": \"https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1035844\", \"source\": \"psirt@zte.com.cn\"}, {\"url\": \"https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1035844\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "psirt@zte.com.cn",
"vulnStatus": "Awaiting Analysis",
"weaknesses": "[{\"source\": \"psirt@zte.com.cn\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-281\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2023-25646\",\"sourceIdentifier\":\"psirt@zte.com.cn\",\"published\":\"2024-06-20T07:15:41.340\",\"lastModified\":\"2025-01-28T16:29:58.553\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"There is an unauthorized access vulnerability in ZTE H388X. If H388X is caused by brute-force serial port cracking,attackers with common user permissions can use this vulnerability to obtain elevated permissions on the affected device by performing specific operations.\"},{\"lang\":\"es\",\"value\":\"Existe una vulnerabilidad de acceso no autorizado en ZTE H388X. Si H388X es causado por un craqueo del puerto serie por fuerza bruta, los atacantes con permisos de usuario comunes pueden usar esta vulnerabilidad para obtener permisos elevados en el dispositivo afectado mediante la realizaci\u00f3n de operaciones espec\u00edficas.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@zte.com.cn\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H\",\"baseScore\":7.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"PHYSICAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":0.5,\"impactScore\":6.0},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":6.4,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"PHYSICAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":0.5,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"psirt@zte.com.cn\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-281\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-281\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zte:zxhn_h388x_firmware:10.1_agzhm_1.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B505C00-1388-4B53-B2E0-A43D5C794A10\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zte:zxhn_h388x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9B08F94E-4211-4592-9919-4F2D0CD688E7\"}]}]}],\"references\":[{\"url\":\"https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1035844\",\"source\":\"psirt@zte.com.cn\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1035844\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1035844\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T11:25:19.252Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-25646\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-06-25T19:09:05.696519Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:o:zte:zxhn_h388x_firmware:h388x_v10.1_agzhm_1.3.1:*:*:*:*:*:*:*\"], \"vendor\": \"zte\", \"product\": \"zxhn_h388x_firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"h388x_v10.1_agzhm_1.3.1\", \"lessThan\": \"h388x_v10.1_agzhm_1.4.0\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-06-26T20:10:43.639Z\"}}], \"cna\": {\"title\": \"Permission and Access Control Vulnerability in ZTE H388X\", \"source\": {\"discovery\": \"EXTERNAL\"}, \"impacts\": [{\"capecId\": \"CAPEC-233\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-233 Privilege Escalation\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 7.1, \"attackVector\": \"PHYSICAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"ZTE\", \"product\": \"ZXHN H388X\", \"versions\": [{\"status\": \"affected\", \"version\": \"V10.1: AGZHM_1.3.1\", \"versionType\": \"custom\"}], \"platforms\": [\"Linux\"], \"defaultStatus\": \"unaffected\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"H388X V10.1: AGZHM_1.4.0\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\\n\\n\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003eH388X V10.1: AGZHM_1.4.0\u003c/span\u003e\\n\\n\u003cbr\u003e\", \"base64\": false}]}], \"references\": [{\"url\": \"https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1035844\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"There is an unauthorized access vulnerability in ZTE H388X. If H388X is caused by brute-force serial port cracking,attackers with common user permissions can use this vulnerability to obtain elevated permissions on the affected device by performing specific operations.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cp\u003eThere is an unauthorized access vulnerability in ZTE H388X. If H388X is caused by brute-force serial port cracking,attackers with common user permissions can use this vulnerability to obtain elevated permissions on the affected device by performing specific operations.\u003c/p\u003e\u003cbr\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-281\", \"description\": \"CWE-281 Improper Preservation of Permissions\"}]}], \"providerMetadata\": {\"orgId\": \"6786b568-6808-4982-b61f-398b0d9679eb\", \"shortName\": \"zte\", \"dateUpdated\": \"2024-06-20T06:20:44.058Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2023-25646\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-08-02T11:25:19.252Z\", \"dateReserved\": \"2023-02-09T19:47:48.022Z\", \"assignerOrgId\": \"6786b568-6808-4982-b61f-398b0d9679eb\", \"datePublished\": \"2024-06-20T06:20:44.058Z\", \"assignerShortName\": \"zte\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…