Medium severity5.0NVD Advisory· Published Apr 17, 2026· Updated Apr 17, 2026

CVE-2026-40002

Description

Red Magic 11 Pro (NX809J) contains a vulnerability that allows non-privileged applications to trigger sensitive operations. The vulnerability stems from the lack of validation for applications accessing the service interface. Exploiting this vulnerability, an attacker can write files to specific partitions and set writable system properties.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

support.zte.com.cn/zte-iccp-isupport-webui/bulletin/detail/8224335890517684583nvd

News mentions

No linked articles in our index yet.

cvss	0.325
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000