CVE-2023-41779

MEDIUM

ZTE ZXCLOUD iRAI < 7.23.32 - Authenticated Denial of Service via Illegal Memory Access

Title source: llm

Description

There is an illegal memory access vulnerability of ZTE's ZXCLOUD iRAI product.When the vulnerability is exploited by an attacker with the common user permission, the physical machine will be crashed.

References (1)

Core 1

Core References

Vendor Advisory

https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1034404

Scores

CVSS v3 4.4

EPSS 0.0002

EPSS Percentile 6.8%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-119 CWE-863

Status published

Products (1)

zte/zxcloud_irai < 7.23.32

Published Jan 03, 2024

Tracked Since Feb 18, 2026