CVE-2023-22920 CRITICAL

CVE-2023-22920

Vendor Zyxel

Product LTE3316-M604

Weakness CWE-284

Published February 21, 2023

Last update March 12, 2025

View on NVD All CVEs

CVSS base score

9.8/10

Attack vector Network

Attack complexity Low

Privileges required None

User interaction None

Confidentiality High

Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

A security misconfiguration vulnerability exists in the Zyxel LTE3316-M604 firmware version V2.00(ABMP.6)C0 due to a factory default misconfiguration intended for testing purposes. A remote attacker could leverage this vulnerability to access an affected device using Telnet.

Key dates

02Disclosure timeline

February 21, 2023 CVE published

March 12, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2023-22920

Related vulnerabilities

CVE-2023-22920

01Description

02Disclosure timeline

03References

04Related CVE