Red Magic 11 Pro (NX809J) contains a vulnerability that allows non-privileged applications to trigger sensitive operations. The vulnerability stems from the lack of validation for applications accessing the service interface. Exploiting this vulnerability, an attacker can write files to specific partitions and set writable system properties.
References
| Link | Resource |
|---|---|
| https://support.zte.com.cn/zte-iccp-isupport-webui/bulletin/detail/8224335890517684583 | Vendor Advisory |
Configurations
Configuration 1 (hide)
| AND |
|
History
08 Jul 2026, 03:29
| Type | Values Removed | Values Added |
|---|---|---|
| CWE | NVD-CWE-noinfo | |
| First Time |
Zte
Zte nubia-in Nx809j Firmware Zte nubia-in Nx809j |
|
| References | () https://support.zte.com.cn/zte-iccp-isupport-webui/bulletin/detail/8224335890517684583 - Vendor Advisory | |
| CPE | cpe:2.3:o:zte:nubia-in_nx809j_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:zte:nubia-in_nx809j:-:*:*:*:*:*:*:* |
17 Apr 2026, 08:16
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2026-04-17 08:16
Updated : 2026-07-08 03:29
NVD link : CVE-2026-40002
Mitre link : CVE-2026-40002
CVE.ORG link : CVE-2026-40002
JSON object : View
Products Affected
zte
- nubia-in_nx809j_firmware
- nubia-in_nx809j
CWE
