CVE-2023-22920
First published: Tue Feb 21 2023(Updated: )
A security misconfiguration vulnerability exists in the Zyxel LTE3316-M604 firmware version V2.00(ABMP.6)C0 due to a factory default misconfiguration intended for testing purposes. A remote attacker could leverage this vulnerability to access an affected device using Telnet.
Credit: security@zyxel.com.tw
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Zyxel Lte3202-m437 Firmware | =1.00\(abwf.1\)c0 | |
| Zyxel Lte3202-m437 | ||
| Zyxel LTE3316-M604 firmware | =2.00\(abmp.6\)c0 | |
| Zyxel LTE3316-M604 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2023-22920?
CVE-2023-22920 is a security misconfiguration vulnerability in the Zyxel LTE3316-M604 firmware.
How does CVE-2023-22920 occur?
CVE-2023-22920 occurs due to a factory default misconfiguration in the Zyxel LTE3316-M604 firmware.
What is the severity of CVE-2023-22920?
CVE-2023-22920 has a severity rating of 9.8 (critical).
How can an attacker exploit CVE-2023-22920?
An attacker can exploit CVE-2023-22920 by accessing the affected device using Telnet.
Is there a fix for CVE-2023-22920?
Yes, it is recommended to update the Zyxel LTE3316-M604 firmware to a version that addresses the security misconfiguration vulnerability.
- collector/nvd-index
- vendor/zyxel
- canonical/zyxel lte3202-m437 firmware
- version/zyxel lte3202-m437 firmware/1.00\(abwf.1\)c0
- canonical/zyxel lte3202-m437
- canonical/zyxel lte3316-m604 firmware
- version/zyxel lte3316-m604 firmware/2.00\(abmp.6\)c0
- canonical/zyxel lte3316-m604