First published: Fri Sep 24 2021(Updated: )
There is an information leak vulnerability in the message service app of a ZTE mobile phone. Due to improper parameter settings, attackers could use this vulnerability to obtain some sensitive information of users by accessing specific pages.
Credit: psirt@zte.com.cn
Affected Software | Affected Version | How to fix |
---|---|---|
Zte Axon 30 Pro Message Service | =5.3.1.2103091059 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2021-21742.
The severity rating of CVE-2021-21742 is medium with a severity value of 5.5.
The ZTE Axon 30 Pro Message Service app version 5.3.1.2103091059 is affected by this vulnerability.
Attackers can exploit this vulnerability by accessing specific pages of the ZTE Axon 30 Pro Message Service app and obtaining sensitive information of users.
Yes, ZTE has released a fix for CVE-2021-21742. Please refer to the ZTE support website for more information.