Key Information Vulnerability Overview Vulnerability Type: Denial of Service (DoS) Affected Product: ZTE MC889A Pro Cause: Insufficient input parameter validation in the Short Message Service (SMS) interface, allowing attackers to exploit this vulnerability to perform DoS attacks. Identifiers ID: SA-202510-923934 CVE ID: CVE-2025-46583 CNNVD ID: CNNVD-2025-59017660 Vulnerability Rating CVSS 3.1 Score: 5.3 (Medium) Vector String: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products and Fixed Versions Mitigation Measures No specific mitigations available Vulnerability Source External Acknowledgments Thank you to Mateusz Lach for attention to the product and collaborative disclosure of the vulnerability. Version Update Method Contact ZTE Global Customer Support Center to obtain the updated version. Global Customer Support Center http://support.zte.com.cn/support/web/Contact.aspx?_langType=en ZTE PSIRT https://www.zte.com.cn/global/about/trust-center/ztepsirt.html Update History 2025-10-27, Initial Release