PT-2020-19279 · Zte · Zenic One R22B+1
Published
2020-04-30
·
Updated
2022-07-12
·
CVE-2020-6867
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
ZENIC ONE R22b versions V16.19.10P02SP002 and V16.19.10P02SP005
Description
The issue is related to a resource management error vulnerability in ZTE's SDON controller. When the RPC is frequently called by other applications in the case of mass traffic data in the system, it will result in no response for a long time and memory overflow risk.
Recommendations
For versions V16.19.10P02SP002 and V16.19.10P02SP005, consider restricting the frequency of RPC calls from other applications to minimize the risk of memory overflow. As a temporary workaround, limit the amount of mass traffic data in the system to prevent prolonged no-response situations. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Sdon Controller
Zenic One R22B