CVE-2026-40002

Red Magic 11 Pro (NX809J) contains a vulnerability that allows non-privileged applications to trigger sensitive operations. The vulnerability stems from the lack of validation for applications accessing the service interface. Exploiting this vulnerability, an attacker can write files to specific partitions and set writable system properties.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:zte:nubia-in_nx809j_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zte:nubia-in_nx809j:-:*:*:*:*:*:*:*

History

08 Jul 2026, 03:29

Type Values Removed Values Added
CWE NVD-CWE-noinfo
First Time Zte
Zte nubia-in Nx809j Firmware
Zte nubia-in Nx809j
References () https://support.zte.com.cn/zte-iccp-isupport-webui/bulletin/detail/8224335890517684583 - () https://support.zte.com.cn/zte-iccp-isupport-webui/bulletin/detail/8224335890517684583 - Vendor Advisory
CPE cpe:2.3:o:zte:nubia-in_nx809j_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zte:nubia-in_nx809j:-:*:*:*:*:*:*:*

17 Apr 2026, 08:16

Type Values Removed Values Added
New CVE

Information

Published : 2026-04-17 08:16

Updated : 2026-07-08 03:29


NVD link : CVE-2026-40002

Mitre link : CVE-2026-40002

CVE.ORG link : CVE-2026-40002


JSON object : View

Products Affected

zte

  • nubia-in_nx809j_firmware
  • nubia-in_nx809j
CWE
CWE-269

Improper Privilege Management

NVD-CWE-noinfo