What is the CVSS score of CVE-2026-40003?

CVE-2026-40003 has a CVSS 3.1 base score of 5.1 (Medium). CVSS vector: CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:L. EPSS exploitation probability: 0.0%.

ZTE ZX297520V3 BootROM CVE-2026-40003

EUVD-2026-28232 MEDIUM

Out-of-bounds Write (CWE-787)

2026-05-07 zte

GHSA-2jfv-r29r-j6wr

RCE Buffer Overflow Memory Corruption Zte

5.1

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:L

Attack Vector

Physical

Attack Complexity

High

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

Low

Integrity

High

Availability

Low

Lifecycle Timeline

Analysis Generated

May 07, 2026 - 02:15 vuln.today

CVE Published

May 07, 2026 - 01:15 nvd

MEDIUM 5.1

DescriptionNVD

ZTE ZX297520V3 BootROM contains a vulnerability that allows arbitrary memory writes via USB. Attackers can exploit the lack of target address validation in the USB download mode to write data to any location in BootROM runtime memory, thereby overwriting the stack, hijacking the execution flow, bypassing the Secure Boot signature verification mechanism, and achieving unauthorized code execution.

AnalysisAI

Arbitrary memory writes via USB in ZTE ZX297520V3 BootROM allow physical attackers with USB access to bypass Secure Boot signature verification and achieve unauthorized code execution by exploiting missing target address validation in USB download mode. The vulnerability requires physical device access and user interaction (device boot into download mode), resulting in a CVSS score of 5.1, but enables complete bypass of cryptographic security mechanisms and Secure Boot protections.

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory