CVE-2025-66314 | THREATINT

Description

Improper Privilege Management vulnerability in ZTE ElasticNet UME R32 on Linux allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects ElasticNet UME R32: ElasticNet_UME_R32_V16.23.20.04.

PUBLISHED Reserved 2025-11-27 | Published 2025-11-27 | Updated 2025-11-28 | Assigner zte

HIGH: 7.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Problem types

CWE-269 Improper Privilege Management

Product status

Default status

unaffected

ElasticNet_UME_R32_V16.23.20.04 (custom)

affected

References

support.zte.com.cn/...ui/bulletin/detail/2180460616364429350

cve.org (CVE-2025-66314)

nvd.nist.gov (CVE-2025-66314)

Download JSON