CVE-2023-25645

7.7 HIGH

📋 TL;DR

This vulnerability in ZTE AndroidTV set-top boxes allows non-privileged applications to bypass permission controls and execute protected functions. Attackers could exploit this to clear user data and applications, potentially disrupting device operation. Only users of affected ZTE AndroidTV STBs are impacted.

💻 Affected Systems

Products:
  • ZTE AndroidTV Set-Top Boxes
Versions: Specific versions not publicly detailed in advisory
Operating Systems: Android-based TV OS
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability exists in permission framework implementation; exact model numbers not specified in public advisory.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete device wipe with loss of all personal data, applications, and settings, requiring factory reset and reconfiguration.

🟠 Likely Case: Malicious app clears user data and installed applications, causing service disruption and data loss.

🟢 If Mitigated: Proper permission controls prevent unauthorized access, limiting impact to intended app functionality only.

🌐 Internet-Facing: LOW (requires local app installation on device)
🏢 Internal Only: MEDIUM (requires malicious app installation on local network devices)

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires installing a malicious application on the device; no authentication bypass is needed once the app is installed.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Not specified in public advisory

Vendor Advisory: https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1031464

Restart Required: Yes

Instructions:

1. Contact ZTE support for specific patch information.
2. Apply firmware updates provided by ZTE.
3. Restart device after update completion.

🔧 Temporary Workarounds

Restrict App Installation

all

Prevent installation of untrusted applications on the device

Enable 'Install unknown apps' restriction in Android settings

Disable Unnecessary Permissions

all

Review and restrict app permissions to minimum required

Navigate to Settings > Apps > [App Name] > Permissions

🧯 If You Can't Patch

  • Isolate affected devices on separate network segment
  • Implement application allowlisting to prevent unauthorized app installation

🔍 How to Verify

Check if Vulnerable:

Check device model and firmware version against ZTE advisory; test with permission auditing tools if available.

Check Version:

Settings > About > Build number / Software version

Verify Fix Applied:

Verify firmware version matches patched version from ZTE; test permission controls with security testing tools.

📡 Detection & Monitoring

Log Indicators:

  • Unexpected permission grants to non-privileged apps
  • App clearance or data deletion events from unprivileged sources

Network Indicators:

  • Unusual app installation traffic to device
  • Communication with unknown app repositories

SIEM Query:

Event logs showing app permission escalation or data clearance from non-system apps
