CVE-2025-46583

Published: Oct 27, 2025Modified: Oct 27, 2025

5.3

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Exploitability: 3.9 / Impact: 1.4

Source: psirt@zte.com.cn (Secondary)

Description

There is a Denial of Service（DoS）vulnerability in the ZTE MC889A Pro product. Due to insufficient validation of the input parameters of the Short Message Service interface, allowing an attacker to exploit it to carry out a DoS attack.

Related CWEs

CWE-116

Improper Encoding or Escaping of Output

The product prepares a structured message for communication with another component, but encoding or escaping of the data is either missing or done incorrectly. As a result, the intended structure of the message is not preserved.

References (1)

https://support.zte.com.cn/zte-iccp-isupport-webui/bulletin/detail/2594779029512220894

Source: psirt@zte.com.cn

Timeline

No history available yet.