CVE-2025-46582 | THREATINT

Description

A private key disclosure vulnerability exists in ZTE's ZXMP M721 product. A low-privileged user can bypass authorization checks to view the device's communication private key, resulting in key exposure and impacting communication security.

PUBLISHED Reserved 2025-04-25 | Published 2025-10-27 | Updated 2025-10-27 | Assigner zte

HIGH: 7.7CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

Problem types

CWE-321: Use of Hard-coded Cryptographic Key

Product status

Default status

unaffected

ZXMPM721V5.30.020.001P01

affected

References

support.zte.com.cn/...ui/bulletin/detail/2594779029512220847

cve.org (CVE-2025-46582)

nvd.nist.gov (CVE-2025-46582)

Download JSON