CVE-2022-39075

7.1 HIGH

📋 TL;DR

This vulnerability allows malicious applications installed on affected ZTE mobile phones to delete system files without user permission. It affects users of specific ZTE smartphone models who install untrusted applications.

💻 Affected Systems

Products:
  • ZTE mobile phones
Versions: Specific models and firmware versions not publicly detailed in available references
Operating Systems: Android-based ZTE firmware
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability requires malicious app installation; exact affected models not specified in public references

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete device compromise including bricking the phone, data loss, or privilege escalation leading to full system control.

🟠 Likely Case

Malicious apps deleting critical system files causing device instability, crashes, or loss of functionality.

🟢 If Mitigated

Limited impact if users only install apps from trusted sources and maintain updated device software.

🌐 Internet-Facing: LOW
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires user to install malicious application; no public exploit code available

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Not specified in public references

Vendor Advisory: https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1030664

Restart Required: Yes

Instructions:

1. Check for system updates in phone settings.
2. Install latest firmware update from ZTE.
3. Restart device after update completes.

🔧 Temporary Workarounds

Restrict app installations

Only install applications from official app stores and avoid sideloading untrusted APKs

Review app permissions

Regularly review and restrict unnecessary app permissions, especially file system access

🧯 If You Can't Patch

  • Only install applications from official app stores (Google Play Store)
  • Enable device security features and avoid rooting/jailbreaking the device

🔍 How to Verify

Check if Vulnerable:

Check device model and firmware version against ZTE security advisories

Check Version:

Settings > About Phone > Software Information

Verify Fix Applied:

Verify firmware version is updated to latest available and no unauthorized file deletions occur

📡 Detection & Monitoring

Log Indicators:

  • Unexpected system file deletions
  • App permission escalation attempts
  • File system modification by non-system apps

Network Indicators:

  • Downloads from untrusted sources
  • Suspicious app update behavior

SIEM Query:

Not applicable for mobile device monitoring
