PT-2021-14750 · Zte · Zte Zxctn 6120H

Published

2021-08-05

Updated

2021-08-12

CVE-2021-21739

CVSS v3.1

4.6

Medium

Vector

AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions ZTE ZXCTN 6120H version V5.10.00B24

Description A security issue exists in ZTE's transport network access layer product due to insufficient data reliability verification. This allows attackers to replace an authenticated optical module with an unauthenticated one, bypassing system authentication and detection, which affects signal transmission.

Recommendations For ZTE ZXCTN 6120H version V5.10.00B24, consider restricting access to the optical module replacement process until a fix is available to prevent unauthorized module swaps. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Insufficient Verification of Data Authenticity

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-345

Related Identifiers

CVE-2021-21739

Affected Products

Zte Zxctn 6120H

PT-2021-14750 · Zte · Zte Zxctn 6120H

CVE-2021-21739

Weakness Enumeration

Related Identifiers

Affected Products

References · 3