CVE-2022-23138

HIGH

ZTE MF297D - Info Disclosure

Title source: llm

Description

ZTE's MF297D product has cryptographic issues vulnerability. Due to the use of weak random values, the security of the device is reduced, and it may face the risk of attack.

References (1)

[Vendor Advisory] https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1024624

Scores

CVSS v3 7.5

EPSS 0.0040

EPSS Percentile 60.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE

CWE-330

Status published

Products (1)

zte/mf297d_firmware mf297d_nordic1_b05

Published Jun 09, 2022

Tracked Since Feb 18, 2026