Details of VAR-202510-2091

ID

VAR-202510-2091

CVE

CVE-2025-46583

TITLE

ZTE MC889A Pro Denial-of-Service Vulnerability

Trust: 0.6

sources: CNVD: CNVD-2025-26158

DESCRIPTION

There is a Denial of Service（DoS）vulnerability in the ZTE MC889A Pro product. Due to insufficient validation of the input parameters of the Short Message Service interface, allowing an attacker to exploit it to carry out a DoS attack. The ZTE MC889A Pro is a router manufactured by ZTE Corporation, a Chinese company. Attackers can exploit this vulnerability to cause a denial-of-service attack

Trust: 1.44

sources: NVD: CVE-2025-46583 // CNVD: CNVD-2025-26158

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2025-26158

AFFECTED PRODUCTS

vendor:

zte

model:

mc889a pro

scope:

version:

Trust: 0.6

sources: CNVD: CNVD-2025-26158

CVSS

SEVERITY

CVSSV2

CVSSV3

psirt@zte.com.cn:	CVE-2025-46583
value:	MEDIUM
Trust: 1.0
CNVD:	CNVD-2025-26158
value:	MEDIUM
Trust: 0.6

CNVD:	CNVD-2025-26158
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

psirt@zte.com.cn:	CVE-2025-46583
baseSeverity:	MEDIUM
baseScore:	5.3
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	LOW
exploitabilityScore:	3.9
impactScore:	1.4
version:	3.1
Trust: 1.0

sources: CNVD: CNVD-2025-26158 // NVD: CVE-2025-46583

PROBLEMTYPE DATA

problemtype:

CWE-116

Trust: 1.0

sources: NVD: CVE-2025-46583

PATCH

title:

Patch for ZTE MC889A Pro Denial-of-Service Vulnerability

url:

https://www.cnvd.org.cn/patchInfo/show/748296

Trust: 0.6

sources: CNVD: CNVD-2025-26158

EXTERNAL IDS

db:	NVD	id:	CVE-2025-46583	Trust: 1.6
db:	CNVD	id:	CNVD-2025-26158	Trust: 0.6

sources: CNVD: CNVD-2025-26158 // NVD: CVE-2025-46583

REFERENCES

url:	https://support.zte.com.cn/zte-iccp-isupport-webui/bulletin/detail/2594779029512220894	Trust: 1.0
url:	https://nvd.nist.gov/vuln/detail/cve-2025-46583	Trust: 0.6

sources: CNVD: CNVD-2025-26158 // NVD: CVE-2025-46583

SOURCES

db:	CNVD	id:	CNVD-2025-26158
db:	NVD	id:	CVE-2025-46583

LAST UPDATE DATE

2025-11-19T23:30:51.162000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2025-26158	date:	2025-10-31T00:00:00
db:	NVD	id:	CVE-2025-46583	date:	2025-10-27T13:19:49.063

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2025-26158	date:	2025-10-31T00:00:00
db:	NVD	id:	CVE-2025-46583	date:	2025-10-27T10:15:39.210