CVE-2021-21732
First published: Wed May 19 2021(Updated: )
A mobile phone of ZTE is impacted by improper access control vulnerability. Due to improper permission settings, third-party applications can read some files in the proc file system without authorization. Attackers could exploit this vulnerability to obtain sensitive information. This affects Axon 11 5G ZTE/CN_P725A12/P725A12:10/QKQ1.200816.002/20201116.175317:user/release-keys.
Credit: psirt@zte.com.cn
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Zte Axon 11 5g Firmware | <2021.5.1 | |
| Zte Axon 11 5g |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID of this ZTE mobile phone vulnerability?
The vulnerability ID is CVE-2021-21732.
What is the severity level of CVE-2021-21732?
The severity level of CVE-2021-21732 is high.
How does CVE-2021-21732 affect ZTE Axon 11 5G firmware?
CVE-2021-21732 allows third-party applications to read sensitive files in the proc file system without authorization on ZTE Axon 11 5G firmware.
Is ZTE Axon 11 5G vulnerable to CVE-2021-21732?
Yes, ZTE Axon 11 5G firmware version 2021.5.1 is vulnerable to CVE-2021-21732.
How can I fix CVE-2021-21732?
To fix CVE-2021-21732, ZTE has released a security update. Please refer to ZTE's official support website for instructions and download links.
- collector/nvd-index
- agent/references
- agent/event
- agent/type
- agent/severity
- agent/description
- agent/author
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/zte
- canonical/zte axon 11 5g firmware
- canonical/zte axon 11 5g