CVE-2022-23138
HIGHZTE MF297D Firmware - Use of Insufficiently Random Values
Title source: llmDescription
ZTE's MF297D product has cryptographic issues vulnerability. Due to the use of weak random values, the security of the device is reduced, and it may face the risk of attack.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1024624
Scores
CVSS v3
7.5
EPSS
0.0085
EPSS Percentile
53.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-330
Status
published
Products (1)
zte/mf297d_firmware
mf297d_nordic1_b05
Published
Jun 09, 2022
Tracked Since
Feb 18, 2026