First published: Thu Jun 24 2021(Updated: )
A smart STB product of ZTE is impacted by a permission and access control vulnerability. Due to insufficient protection of system application, attackers could use this vulnerability to tamper with the system desktop and affect system customization functions. This affects: ZXV10 B860H V5.0, V83011303.0010, V83011303.0016
Credit: psirt@zte.com.cn
Affected Software | Affected Version | How to fix |
---|---|---|
Zte Zxv10 B860h V5.0 Firmware | =v83011303.0010 | |
Zte Zxv10 B860h V5.0 Firmware | =v83011303.0016 | |
Zte Zxv10 B860h V5.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-21737 is a permission and access control vulnerability affecting ZTE ZXV10 B860H V5.0 smart STB products.
CVE-2021-21737 has a severity score of 7.5 which is considered high.
The affected software versions are ZTE ZXV10 B860H V5.0 Firmware v83011303.0010 and v83011303.0016.
CVE-2021-21737 could allow attackers to tamper with the system desktop and affect system customization functions due to insufficient protection of system application.
Yes, ZTE ZXV10 B860H V5.0 is vulnerable to CVE-2021-21737.
To fix CVE-2021-21737, it is recommended to apply the latest firmware update provided by ZTE.
You can find more information about CVE-2021-21737 at the following reference: [ZTE Support](https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1016004)