CVE-2026-40003
BaseFortify
Publication date: 2026-05-07
Last updated on: 2026-05-07
Assigner: ZTE Corporation
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| zte | zx297520v3_bootrom | * |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-787 | The product writes data past the end, or before the beginning, of the intended buffer. |
AI Powered Q&A
Can you explain this vulnerability to me?
The vulnerability exists in the ZTE ZX297520V3 BootROM and allows attackers to perform arbitrary memory writes via USB.
This happens because the USB download mode does not validate the target address, enabling attackers to write data to any location in the BootROM runtime memory.
By doing so, attackers can overwrite the stack, hijack the execution flow, bypass the Secure Boot signature verification mechanism, and execute unauthorized code.
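The missing control described above is a bounds check on the host-supplied target address before the copy. The following is an added example, not ZTE's code or anything from the advisory: the window base and size, the function names and the sample payload are all hypothetical, and it also covers the integer-wrap case that a naive `addr + len` comparison lets through.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical download window; constructed values, not from the advisory. */
#define STAGING_BASE 0x20010000u
#define STAGING_SIZE 0x1000u

static uint8_t staging_mem[STAGING_SIZE];   /* stands in for RAM at STAGING_BASE */
static const uint8_t sample[32] = { 0xA5 }; /* constructed payload */

typedef enum { DL_OK = 0, DL_ERR_RANGE = -1, DL_ERR_ARG = -2 } dl_status;

/* Common but flawed check: addr + len can wrap past 2^32 and pass. */
bool naive_range_ok(uint32_t addr, uint32_t len)
{
    return addr >= STAGING_BASE && addr + len <= STAGING_BASE + STAGING_SIZE;
}

/* Overflow-safe: true only if [addr, addr + len) is inside the window. */
bool range_in_staging(uint32_t addr, uint32_t len)
{
    if (len == 0 || len > STAGING_SIZE) return false;
    if (addr < STAGING_BASE) return false;
    return (addr - STAGING_BASE) <= (STAGING_SIZE - len);
}

/* Write handler: addr and len arrive from the USB host and are untrusted. */
dl_status dl_handle_write(uint32_t addr, const uint8_t *payload, uint32_t len)
{
    if (payload == NULL) return DL_ERR_ARG;
    if (!range_in_staging(addr, len)) return DL_ERR_RANGE; /* reject before any copy */
    memcpy(&staging_mem[addr - STAGING_BASE], payload, len);
    return DL_OK;
}

int main(void)
{
    printf("in window      : %d\n", dl_handle_write(0x20010000u, sample, 16));
    printf("below window   : %d\n", dl_handle_write(0x2000FFFCu, sample, 16));
    printf("wrap, naive ok : %d\n", naive_range_ok(0xFFFFFFF0u, 0x20u));
    printf("wrap, handler  : %d\n", dl_handle_write(0xFFFFFFF0u, sample, 0x20u));
    return 0;
}
```

The subtraction form works because `addr >= STAGING_BASE` and `len <= STAGING_SIZE` are established first, so neither side of the final comparison can underflow.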
How can this vulnerability impact me?
This vulnerability can have serious impacts including unauthorized code execution on the affected device.
Attackers exploiting this flaw can hijack the device's execution flow and bypass security mechanisms like Secure Boot, potentially leading to device compromise.
Such unauthorized access could result in data manipulation, disruption of device functionality, or use of the device for malicious purposes.