ZTE Red Magic 11 Pro (NX809J) contains a vulnerability that allows non-privileged applications to trigger sensitive operations.
Summary
| CVE | CVE-2026-40002 |
|---|---|
| State | PUBLISHED |
| Assigner | zte |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2026-04-17 08:16:18 UTC |
| Updated | 2026-07-08 03:29:04 UTC |
| Description | Red Magic 11 Pro (NX809J) contains a vulnerability that allows non-privileged applications to trigger sensitive operations. The vulnerability stems from the lack of validation for applications accessing the service interface. Exploiting this vulnerability, an attacker can write files to specific partitions and set writable system properties. |
Risk And Classification
Primary CVSS: v3.1 8.8 HIGH from [email protected]
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
EPSS: 0.001210000 probability, percentile 0.022800000 (date 2026-07-09)
Problem Types: CWE-269 | NVD-CWE-noinfo | CWE-269 CWE-269: Improper Privilege Management
| Version | Source | Type | Score | Severity | Vector |
|---|---|---|---|---|---|
| 3.1 | [email protected] | Primary | 8.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H |
| 3.1 | [email protected] | Secondary | 5 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L |
| 3.1 | CNA | CVSS | 5 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L |
CVSS v3.1 Breakdown
Attack Vector
LocalAttack Complexity
LowPrivileges Required
LowUser Interaction
NoneScope
ChangedConfidentiality
HighIntegrity
HighAvailability
HighCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Zte | Nubia-in Nx809j | - | All | All | All |
| Operating System | Zte | Nubia-in Nx809j Firmware | All | All | All | All |
Vendor Declared Affected Products
| Source | Vendor | Product | Version | Platforms |
|---|---|---|---|---|
| CNA | ZTE | Red Magic 11 Pro NX809J | affected GEN_NEEA_NX809J V1.0.0B14MR1 V1.0.0B14MR1 custom | Not specified |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| support.zte.com.cn/zte-iccp-isupport-webui/bulletin/detail/8224335890517684583 | [email protected] | support.zte.com.cn | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
Vendor Comments And Credit
Discovery Credit
CNA: Christopher Nelson (en)
There are currently no legacy QID mappings associated with this CVE.