3.3
Advisory Published
Updated

CVE-2022-39074

First published: Tue May 30 2023(Updated: )

There is an unauthorized access vulnerability in some ZTE mobile phones. If a malicious application is installed on the phone, it could start a non-public interface of an application without user permission.

Credit: psirt@zte.com.cn

Affected SoftwareAffected VersionHow to fix
Zte Blade A52 Firmware<m02
Zte Blade A52
Zte Blade A51 Firmware<m07
Zte Blade A51
Zte Blade A3 Lite Firmware<m09
Zte Blade A3 Lite
Zte Blade A5 2020 Firmware<m05
Zte Blade A5 2020
Zte Blade L210 Firmware<1.14
Zte Blade L210
Zte Blade A7s Firmware<2.2
Zte Blade A7s
Zte Blade A31 Firmware<m03
Zte Blade A31
Zte Blade A31 Plus Firmware<m04
Zte Blade A31 Plus
Zte Blade A5 2019 Firmware<m13
Zte Blade A5 2019
Zte Blade A71 Firmware<2.4
Zte Blade A71
Zte Blade A72 Firmware<11.0.3
Zte Blade A72
Zte Blade V20 Smart Firmware<1.14
Zte Blade V20 Smart
Zte Blade V30 Firmware<1.11
Zte Blade V30
Zte Blade V30 Vita Firmware<1.11
Zte Blade V30 Vita
Zte V40 Pro Firmware<11.0.4_9046
Zte V40 Pro
Zte Blade V40 Vita Firmware<11.0.2_8045
Zte Blade V40 Vita
Zte Axon 40 Ultra Firmware<1.0.0b26
Zte Axon 40 Ultra

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Frequently Asked Questions

  • What is CVE-2022-39074?

    CVE-2022-39074 is an unauthorized access vulnerability in some ZTE mobile phones.

  • How does CVE-2022-39074 work?

    If a malicious application is installed on the phone, it could start a non-public interface of an application without user permission.

  • Which ZTE mobile phones are affected by CVE-2022-39074?

    ZTE Blade A52, ZTE Blade A51, ZTE Blade A3 Lite, ZTE Blade A5 2020, ZTE Blade L210, ZTE Blade A7s, ZTE Blade A31, ZTE Blade A31 Plus, ZTE Blade A5 2019, ZTE Blade A71, ZTE Blade A72, ZTE Blade V20 Smart, ZTE Blade V30, ZTE Blade V30 Vita, ZTE V40 Pro, ZTE Blade V40 Vita, and ZTE Axon 40 Ultra are affected by CVE-2022-39074.

  • What is the severity of CVE-2022-39074?

    CVE-2022-39074 has a severity level of low.

  • Is there a fix available for CVE-2022-39074?

    Please visit the ZTE support website for information on available fixes and patches for CVE-2022-39074.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203