CVE-2025-46582
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-10-27
Last updated on: 2025-10-27
Assigner: ZTE Corporation
Description
Description
A private key disclosure vulnerability exists in ZTE's ZXMP M721 product. A low-privileged user can bypass authorization checks to view the device's communication private key, resulting in key exposure and impacting communication security.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| zte | zxmp_m721 | * |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-321 | The product uses a hard-coded, unchangeable cryptographic key. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in ZTE's ZXMP M721 product allows a low-privileged user to bypass authorization checks and view the device's communication private key. This leads to the exposure of the private key, which is critical for securing communications.
How can this vulnerability impact me? :
The exposure of the communication private key can compromise the security of communications, potentially allowing attackers to intercept or decrypt sensitive data, leading to a loss of confidentiality.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70