Vulnerabilities > CVE-2021-21724 - Memory Leak vulnerability in ZTE Zxr10 8900E Firmware 3.03.20R2B30P1

CVSS 4.4 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

local

low complexity

zte

CWE-401

NVD

Published: 2021-02-26

Updated: 2021-03-04

Summary

A ZTE product has a memory leak vulnerability. Due to the product's improper handling of memory release in certain scenarios, a local attacker with device permissions repeatedly attenuated the optical signal to cause memory leak and abnormal service. This affects: ZXR10 8900E, all versions up to V3.03.20R2B30P1.

Vulnerable Configurations

Part	Description	Count
OS	Zte ZTE Zxr10 8900E Firmware - ZTE Zxr10 8900E Firmware 3.03.20R2B30P1	2
Hardware	Zte ZTE Zxr10 8900E -	1

Common Weakness Enumeration (CWE)

CWE-401 - Improper Release of Memory Before Removing Last Reference ('Memory Leak')

References

http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1014584