Statement on WiFi Security Vulnerability - FragAttacks

Original release date: May 18, 2021


Security Notice

Recently, the Wi-Fi security vulnerability known as FragAttacks has been disclosed. 12 related vulnerabilities are: CVE-2020-24588, CVE-2020-24587, CVE-2020-24586, CVE-2020-26145, CVE-2020-26144, CVE-2020-26140, CVE-2020-26143, CVE-2020-26139, CVE-2020-26146, CVE-2020-26147, CVE-2020-26142 and CVE-2020-26141.

ZTE started impact analysis immediately, and the work is ongoing. ZTE PSIRT will update the security notice at any time. Please keep updated to our security notice for this vulnerability.


Update Records

Mayl 18, 2021, initial.


ZTE Security Incident Response Mechanism

ZTE's PSIRT team is responsible for receiving, processing and disclosing security vulnerabilities related to ZTE's products and solutions. Coordinating with customers and stakeholders, the PSIRT team quickly develops solutions. Creating a key security incident response mechanism for security incidents ensures a unified coordination, fast repair, and swift service recovery into effect. 

To obtain ZTE product vulnerability information, please visit:

If you need to report security vulnerabilities related to ZTE products, please contact ZTE PSIRT:, PGP key ID: FF095577.


Supporting team contacts

1.  ZTE GCSC hotline:




2.  Product forum at ZTE Support website.