high
7.1
Advisory Published
Updated

CVE-2022-39075

First published: Tue May 30 2023(Updated: )

There is an unauthorized access vulnerability in some ZTE mobile phones. If a malicious application is installed on the phone, it could delete some system files without user permission.

Credit: psirt@zte.com.cn psirt@zte.com.cn

Affected SoftwareAffected VersionHow to fix
Zte Blade A52 Firmware<m02
Zte Blade A52
Zte Blade A51 Firmware<m07
Zte Blade A51
Zte Blade A3 Lite Firmware<m09
Zte Blade A3 Lite
Zte Blade A5 2020 Firmware<m05
Zte Blade A5 2020
Zte Blade L210 Firmware<1.14
Zte Blade L210
Zte Blade A7s Firmware<2.2
Zte Blade A7s
Zte Blade A31 Firmware<m03
Zte Blade A31
Zte Blade A31 Plus Firmware<m04
Zte Blade A31 Plus
Zte Blade A5 2019 Firmware<m13
Zte Blade A5 2019
Zte Blade A71 Firmware<2.4
Zte Blade A71
Zte Blade A72 Firmware<11.0.3
Zte Blade A72
Zte Blade V20 Smart Firmware<1.14
Zte Blade V20 Smart
Zte Blade V30 Firmware<1.11
Zte Blade V30
Zte Blade V30 Vita Firmware<1.11
Zte Blade V30 Vita
Zte V40 Pro Firmware<11.0.4_9046
Zte V40 Pro
Zte Blade V40 Vita Firmware<11.0.2_8045
Zte Blade V40 Vita
Zte Axon 40 Ultra Firmware<1.0.0b26
Zte Axon 40 Ultra
All of
Zte Blade A52 Firmware<m02
Zte Blade A52
All of
Zte Blade A51 Firmware<m07
Zte Blade A51
All of
Zte Blade A3 Lite Firmware<m09
Zte Blade A3 Lite
All of
Zte Blade A5 2020 Firmware<m05
Zte Blade A5 2020
All of
Zte Blade L210 Firmware<1.14
Zte Blade L210
All of
Zte Blade A7s Firmware<2.2
Zte Blade A7s
All of
Zte Blade A31 Firmware<m03
Zte Blade A31
All of
Zte Blade A31 Plus Firmware<m04
Zte Blade A31 Plus
All of
Zte Blade A5 2019 Firmware<m13
Zte Blade A5 2019
All of
Zte Blade A71 Firmware<2.4
Zte Blade A71
All of
Zte Blade A72 Firmware<11.0.3
Zte Blade A72
All of
Zte Blade V20 Smart Firmware<1.14
Zte Blade V20 Smart
All of
Zte Blade V30 Firmware<1.11
Zte Blade V30
All of
Zte Blade V30 Vita Firmware<1.11
Zte Blade V30 Vita
All of
Zte V40 Pro Firmware<11.0.4_9046
Zte V40 Pro
All of
Zte Blade V40 Vita Firmware<11.0.2_8045
Zte Blade V40 Vita
All of
Zte Axon 40 Ultra Firmware<1.0.0b26
Zte Axon 40 Ultra

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is CVE-2022-39075?

    CVE-2022-39075 is an unauthorized access vulnerability in some ZTE mobile phones, which allows a malicious application to delete system files without user permission.

  • Which ZTE mobile phones are affected by CVE-2022-39075?

    ZTE Blade A52 Firmware up to m02, ZTE Blade A51 Firmware up to m07, ZTE Blade A3 Lite Firmware up to m09, ZTE Blade A5 2020 Firmware up to m05, ZTE Blade L210 Firmware up to 1.14, ZTE Blade A7s Firmware up to 2.2, ZTE Blade A31 Firmware up to m03, ZTE Blade A31 Plus Firmware up to m04, ZTE Blade A5 2019 Firmware up to m13, ZTE Blade A71 Firmware up to 2.4, ZTE Blade A72 Firmware up to 11.0.3, ZTE Blade V20 Smart Firmware up to 1.14, ZTE Blade V30 Firmware up to 1.11, ZTE Blade V30 Vita Firmware up to 1.11, ZTE V40 Pro Firmware up to 11.0.4_9046, ZTE Blade V40 Vita Firmware up to 11.0.2_8045, and ZTE Axon 40 Ultra Firmware up to 1.0.0b26 are affected.

  • What is the severity of CVE-2022-39075?

    CVE-2022-39075 has a severity value of 7.1, indicating a high severity.

  • How can I fix CVE-2022-39075?

    To fix CVE-2022-39075, it is recommended to update the firmware of the affected ZTE mobile phones to the latest version provided by ZTE.

  • Where can I find more information about CVE-2022-39075?

    You can find more information about CVE-2022-39075 on the ZTE support website at https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1030664

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203