All the vulnerabilites related to Unisoc (Shanghai) Technologies Co., Ltd. - SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000
cve-2023-42686
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-08-02 19:23
Severity ?
EPSS score ?
Summary
In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:23:40.289Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:06.622Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42686",
"datePublished": "2023-12-04T00:54:06.622Z",
"dateReserved": "2023-09-13T07:40:40.026Z",
"dateUpdated": "2024-08-02T19:23:40.289Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42730
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-08-02 19:30
Severity ?
EPSS score ?
Summary
In IMS service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:30:24.114Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In IMS service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:18.612Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42730",
"datePublished": "2023-12-04T00:54:18.612Z",
"dateReserved": "2023-09-13T07:40:40.037Z",
"dateUpdated": "2024-08-02T19:30:24.114Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-48345
Vulnerability from cvelistv5
Published
2024-01-18 02:44
Modified
2024-08-02 21:23
Severity ?
EPSS score ?
Summary
In video decoder, there is a possible out of bounds read due to improper input validation. This could lead to local denial of service with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:23:39.558Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In video decoder, there is a possible out of bounds read due to improper input validation. This could lead to local denial of service with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2024-01-18T02:44:50.813Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-48345",
"datePublished": "2024-01-18T02:44:50.813Z",
"dateReserved": "2023-11-15T08:11:00.390Z",
"dateUpdated": "2024-08-02T21:23:39.558Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42691
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-08-02 19:23
Severity ?
EPSS score ?
Summary
In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:23:40.353Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:07.995Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42691",
"datePublished": "2023-12-04T00:54:07.995Z",
"dateReserved": "2023-09-13T07:40:40.027Z",
"dateUpdated": "2024-08-02T19:23:40.353Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42648
Vulnerability from cvelistv5
Published
2023-11-01 09:08
Modified
2024-09-05 19:49
Severity ?
EPSS score ?
Summary
In engineermode, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:23:40.283Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-42648",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-05T19:49:25.285987Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-05T19:49:38.151Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In engineermode, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-11-01T09:08:13.634Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42648",
"datePublished": "2023-11-01T09:08:13.634Z",
"dateReserved": "2023-09-12T08:33:30.067Z",
"dateUpdated": "2024-09-05T19:49:38.151Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48458
Vulnerability from cvelistv5
Published
2023-11-01 09:08
Modified
2024-09-05 19:31
Severity ?
EPSS score ?
Summary
In TeleService, there is a possible system crash due to improper input validation. This could lead to local denial of service with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:10:59.849Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48458",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-05T19:29:52.685988Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-05T19:31:04.148Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In TeleService, there is a possible system crash due to improper input validation. This could lead to local denial of service with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-11-01T09:08:16.873Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2022-48458",
"datePublished": "2023-11-01T09:08:16.873Z",
"dateReserved": "2023-04-13T02:35:16.242Z",
"dateUpdated": "2024-09-05T19:31:04.148Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42640
Vulnerability from cvelistv5
Published
2023-11-01 09:08
Modified
2024-09-06 16:40
Severity ?
EPSS score ?
Summary
In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:23:40.150Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-42640",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-06T16:40:18.913093Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-06T16:40:41.225Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-11-01T09:08:11.311Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42640",
"datePublished": "2023-11-01T09:08:11.311Z",
"dateReserved": "2023-09-12T08:33:30.066Z",
"dateUpdated": "2024-09-06T16:40:41.225Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42699
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-08-02 19:23
Severity ?
EPSS score ?
Summary
In omacp service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:23:40.189Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In omacp service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:10.146Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42699",
"datePublished": "2023-12-04T00:54:10.146Z",
"dateReserved": "2023-09-13T07:40:40.028Z",
"dateUpdated": "2024-08-02T19:23:40.189Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-40634
Vulnerability from cvelistv5
Published
2023-10-08 03:35
Modified
2024-09-19 15:41
Severity ?
EPSS score ?
Summary
In phasechecksercer, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:38:51.033Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1707266966118531074"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sc7731e",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android_11_12_13"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sc9832e",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android_11_12_13"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sc9863a",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android_11_12_13"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t310",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android_11_12_13"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t606",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android_11_12_13"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t612",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android_11_12_13"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t616",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android_11_12_13"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t610",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android_11_12_13"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t618",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android_11_12_13"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t760:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t760",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android_11_12_13"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t770",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android_11_12_13"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t820",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android_11_12_13"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "s8000",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android_11_12_13"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-40634",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-19T15:29:28.039796Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-19T15:41:06.243Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In phasechecksercer, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-10-08T03:35:58.711Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1707266966118531074"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-40634",
"datePublished": "2023-10-08T03:35:58.711Z",
"dateReserved": "2023-08-18T02:28:08.631Z",
"dateUpdated": "2024-09-19T15:41:06.243Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42654
Vulnerability from cvelistv5
Published
2023-11-01 09:08
Modified
2024-09-05 18:12
Severity ?
EPSS score ?
Summary
In dm service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:23:40.232Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-42654",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-05T18:11:44.492363Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-05T18:12:04.254Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In dm service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-11-01T09:08:17.997Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42654",
"datePublished": "2023-11-01T09:08:17.997Z",
"dateReserved": "2023-09-12T08:33:30.068Z",
"dateUpdated": "2024-09-05T18:12:04.254Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-48350
Vulnerability from cvelistv5
Published
2024-01-18 02:44
Modified
2024-08-02 21:30
Severity ?
EPSS score ?
Summary
In video decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:30:33.786Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In video decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2024-01-18T02:44:52.068Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-48350",
"datePublished": "2024-01-18T02:44:52.068Z",
"dateReserved": "2023-11-15T08:11:00.391Z",
"dateUpdated": "2024-08-02T21:30:33.786Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-52346
Vulnerability from cvelistv5
Published
2024-04-08 02:21
Modified
2024-11-04 17:31
Severity ?
EPSS score ?
Summary
In modem driver, there is a possible system crash due to improper input validation. This could lead to local information disclosure with System execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-52346",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-08T16:05:36.855182Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-04T17:31:44.800Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:55:41.562Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android12/Android13/Android14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In modem driver, there is a possible system crash due to improper input validation. This could lead to local information disclosure with System execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2024-04-08T02:21:16.048Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-52346",
"datePublished": "2024-04-08T02:21:16.048Z",
"dateReserved": "2024-01-19T02:58:31.098Z",
"dateUpdated": "2024-11-04T17:31:44.800Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-48343
Vulnerability from cvelistv5
Published
2024-01-18 02:44
Modified
2024-08-02 21:23
Severity ?
EPSS score ?
Summary
In video decoder, there is a possible out of bounds write due to improper input validation. This could lead to local denial of service with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:23:39.498Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In video decoder, there is a possible out of bounds write due to improper input validation. This could lead to local denial of service with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2024-01-18T02:44:50.326Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-48343",
"datePublished": "2024-01-18T02:44:50.326Z",
"dateReserved": "2023-11-15T08:11:00.390Z",
"dateUpdated": "2024-08-02T21:23:39.498Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42739
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-08-02 19:30
Severity ?
EPSS score ?
Summary
In engineermode service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:30:23.964Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In engineermode service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:22.106Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42739",
"datePublished": "2023-12-04T00:54:22.106Z",
"dateReserved": "2023-09-13T07:40:40.045Z",
"dateUpdated": "2024-08-02T19:30:23.964Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42722
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-08-02 19:30
Severity ?
EPSS score ?
Summary
In camera service, there is a possible use after free due to a logic error. This could lead to local escalation of privilege with System execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:30:23.914Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In camera service, there is a possible use after free due to a logic error. This could lead to local escalation of privilege with System execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:16.523Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42722",
"datePublished": "2023-12-04T00:54:16.523Z",
"dateReserved": "2023-09-13T07:40:40.035Z",
"dateUpdated": "2024-08-02T19:30:23.914Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-33910
Vulnerability from cvelistv5
Published
2023-08-07 01:54
Modified
2024-10-17 14:46
Severity ?
EPSS score ?
Summary
In Contacts Service, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:54:13.621Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1687281677639942145"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-33910",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-17T14:46:36.525145Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-17T14:46:52.599Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Contacts Service, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges"
}
],
"providerMetadata": {
"dateUpdated": "2023-08-07T01:54:44.692Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1687281677639942145"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-33910",
"datePublished": "2023-08-07T01:54:44.692Z",
"dateReserved": "2023-05-23T06:51:01.536Z",
"dateUpdated": "2024-10-17T14:46:52.599Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42650
Vulnerability from cvelistv5
Published
2023-11-01 09:08
Modified
2024-09-05 19:48
Severity ?
EPSS score ?
Summary
In engineermode, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:23:40.287Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-42650",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-05T19:48:07.933245Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-05T19:48:23.290Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In engineermode, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-11-01T09:08:14.192Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42650",
"datePublished": "2023-11-01T09:08:14.192Z",
"dateReserved": "2023-09-12T08:33:30.067Z",
"dateUpdated": "2024-09-05T19:48:23.290Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42688
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-10-17 15:26
Severity ?
EPSS score ?
Summary
In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:23:40.285Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t820",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "Android11"
},
{
"status": "affected",
"version": "Android12"
},
{
"status": "affected",
"version": "Android13"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-42688",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-15T17:15:07.144294Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-17T15:26:32.088Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:07.183Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42688",
"datePublished": "2023-12-04T00:54:07.183Z",
"dateReserved": "2023-09-13T07:40:40.026Z",
"dateUpdated": "2024-10-17T15:26:32.088Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42743
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-08-02 19:30
Severity ?
EPSS score ?
Summary
In telecom service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:30:24.493Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In telecom service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:23.175Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42743",
"datePublished": "2023-12-04T00:54:23.175Z",
"dateReserved": "2023-09-13T07:40:40.046Z",
"dateUpdated": "2024-08-02T19:30:24.493Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48454
Vulnerability from cvelistv5
Published
2023-11-01 09:08
Modified
2024-09-05 19:40
Severity ?
EPSS score ?
Summary
In wifi service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:10:59.908Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48454",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-05T19:40:26.873223Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-05T19:40:49.048Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In wifi service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-11-01T09:08:15.718Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2022-48454",
"datePublished": "2023-11-01T09:08:15.718Z",
"dateReserved": "2023-04-13T02:35:16.241Z",
"dateUpdated": "2024-09-05T19:40:49.048Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-39428
Vulnerability from cvelistv5
Published
2024-07-01 08:40
Modified
2024-08-02 04:26
Severity ?
EPSS score ?
Summary
In trusty service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39428",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-01T20:53:20.461642Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-01T20:53:31.436Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:26:15.425Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1807576926177525762"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android12/Android13/Android14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In trusty service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "cwe-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-01T08:40:57.909Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1807576926177525762"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2024-39428",
"datePublished": "2024-07-01T08:40:57.909Z",
"dateReserved": "2024-06-25T06:13:32.357Z",
"dateUpdated": "2024-08-02T04:26:15.425Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42696
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-08-02 19:23
Severity ?
EPSS score ?
Summary
In telecom service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:23:40.333Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In telecom service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:09.338Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42696",
"datePublished": "2023-12-04T00:54:09.338Z",
"dateReserved": "2023-09-13T07:40:40.027Z",
"dateUpdated": "2024-08-02T19:23:40.333Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-39431
Vulnerability from cvelistv5
Published
2024-09-27 07:37
Modified
2024-09-27 15:42
Severity ?
EPSS score ?
Summary
In UMTS RLC driver, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with System execution privileges needed.
References
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:unisoc:s8000:*:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t760:*:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t770:*:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t820:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "t820",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android_12"
},
{
"status": "affected",
"version": "android_13"
},
{
"status": "affected",
"version": "android_14"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39431",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-27T15:41:03.864954Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-27T15:42:50.544Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android12/Android13/Android14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In UMTS RLC driver, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with System execution privileges needed."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "cwe-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-27T07:37:40.908Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1830802995705610241"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2024-39431",
"datePublished": "2024-09-27T07:37:40.908Z",
"dateReserved": "2024-06-25T06:13:32.358Z",
"dateUpdated": "2024-09-27T15:42:50.544Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42687
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-08-02 19:23
Severity ?
EPSS score ?
Summary
In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:23:40.289Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:06.908Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42687",
"datePublished": "2023-12-04T00:54:06.908Z",
"dateReserved": "2023-09-13T07:40:40.026Z",
"dateUpdated": "2024-08-02T19:23:40.289Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42704
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-08-02 19:30
Severity ?
EPSS score ?
Summary
In imsservice, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:30:23.093Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In imsservice, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:11.463Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42704",
"datePublished": "2023-12-04T00:54:11.463Z",
"dateReserved": "2023-09-13T07:40:40.029Z",
"dateUpdated": "2024-08-02T19:30:23.093Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42711
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-08-02 19:30
Severity ?
EPSS score ?
Summary
In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:30:23.172Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:13.328Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42711",
"datePublished": "2023-12-04T00:54:13.328Z",
"dateReserved": "2023-09-13T07:40:40.032Z",
"dateUpdated": "2024-08-02T19:30:23.172Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42738
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-08-28 19:48
Severity ?
EPSS score ?
Summary
In telocom service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:30:24.573Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sc7731e",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android_11_12_13"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sc9832e",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android_11_12_13"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sc9863a",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android_11_12_13"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t310",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android_11_12_13"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t606",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android_11_12_13"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t612",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android_11_12_13"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t616",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android_11_12_13"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t610",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android_11_12_13"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t618",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android_11_12_13"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t760",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android_11_12_13"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t770",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android_11_12_13"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t820",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android_11_12_13"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "s8000",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android_11_12_13"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-42738",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-28T19:35:25.871919Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-28T19:48:32.562Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In telocom service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:21.821Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42738",
"datePublished": "2023-12-04T00:54:21.821Z",
"dateReserved": "2023-09-13T07:40:40.045Z",
"dateUpdated": "2024-08-28T19:48:32.562Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42683
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-08-02 19:23
Severity ?
EPSS score ?
Summary
In gsp driver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:23:40.247Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In gsp driver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:05.807Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42683",
"datePublished": "2023-12-04T00:54:05.807Z",
"dateReserved": "2023-09-13T07:40:40.026Z",
"dateUpdated": "2024-08-02T19:23:40.247Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-40637
Vulnerability from cvelistv5
Published
2023-10-08 03:35
Modified
2024-09-19 15:11
Severity ?
EPSS score ?
Summary
In telecom service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:38:51.052Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1707266966118531074"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-40637",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-19T15:10:17.551086Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-19T15:11:02.651Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In telecom service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges"
}
],
"providerMetadata": {
"dateUpdated": "2023-10-08T03:35:59.619Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1707266966118531074"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-40637",
"datePublished": "2023-10-08T03:35:59.619Z",
"dateReserved": "2023-08-18T02:28:08.631Z",
"dateUpdated": "2024-09-19T15:11:02.651Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-40640
Vulnerability from cvelistv5
Published
2023-10-08 03:36
Modified
2024-09-19 15:03
Severity ?
EPSS score ?
Summary
In SoundRecorder service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:38:51.008Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1707266966118531074"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-40640",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-19T15:03:09.375879Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-19T15:03:20.794Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android10"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In SoundRecorder service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges"
}
],
"providerMetadata": {
"dateUpdated": "2023-10-08T03:36:00.549Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1707266966118531074"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-40640",
"datePublished": "2023-10-08T03:36:00.549Z",
"dateReserved": "2023-08-18T02:28:08.632Z",
"dateUpdated": "2024-09-19T15:03:20.794Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42712
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-08-28 19:53
Severity ?
EPSS score ?
Summary
In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:30:23.131Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-42712",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-28T19:53:04.592826Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-28T19:53:16.358Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:13.611Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42712",
"datePublished": "2023-12-04T00:54:13.611Z",
"dateReserved": "2023-09-13T07:40:40.032Z",
"dateUpdated": "2024-08-28T19:53:16.358Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48457
Vulnerability from cvelistv5
Published
2023-11-01 09:08
Modified
2024-09-05 19:32
Severity ?
EPSS score ?
Summary
In TeleService, there is a possible system crash due to improper input validation. This could lead to local denial of service with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:10:59.855Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48457",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-05T19:32:22.685234Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-05T19:32:35.635Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In TeleService, there is a possible system crash due to improper input validation. This could lead to local denial of service with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-11-01T09:08:16.578Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2022-48457",
"datePublished": "2023-11-01T09:08:16.578Z",
"dateReserved": "2023-04-13T02:35:16.242Z",
"dateUpdated": "2024-09-05T19:32:35.635Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48452
Vulnerability from cvelistv5
Published
2023-09-04 01:16
Modified
2024-09-30 18:54
Severity ?
EPSS score ?
Summary
In Ifaa service, there is a possible missing permission check. This could lead to local denial of service with System execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:10:59.909Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48452",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-30T18:53:41.750880Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-30T18:54:00.901Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android10/Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Ifaa service, there is a possible missing permission check. This could lead to local denial of service with System execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-09-04T01:16:12.309Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2022-48452",
"datePublished": "2023-09-04T01:16:12.309Z",
"dateReserved": "2023-04-13T02:35:16.241Z",
"dateUpdated": "2024-09-30T18:54:00.901Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42698
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-08-02 19:23
Severity ?
EPSS score ?
Summary
In omacp service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:23:40.294Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In omacp service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:09.873Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42698",
"datePublished": "2023-12-04T00:54:09.873Z",
"dateReserved": "2023-09-13T07:40:40.028Z",
"dateUpdated": "2024-08-02T19:23:40.294Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-48339
Vulnerability from cvelistv5
Published
2024-01-18 02:44
Modified
2024-08-02 21:23
Severity ?
EPSS score ?
Summary
In jpg driver, there is a possible missing permission check. This could lead to local information disclosure with System execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:23:39.507Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In jpg driver, there is a possible missing permission check. This could lead to local information disclosure with System execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2024-01-18T02:44:49.303Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-48339",
"datePublished": "2024-01-18T02:44:49.303Z",
"dateReserved": "2023-11-15T08:11:00.389Z",
"dateUpdated": "2024-08-02T21:23:39.507Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-48344
Vulnerability from cvelistv5
Published
2024-01-18 02:44
Modified
2024-08-02 21:23
Severity ?
EPSS score ?
Summary
In video decoder, there is a possible out of bounds read due to improper input validation. This could lead to local denial of service with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:23:39.511Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In video decoder, there is a possible out of bounds read due to improper input validation. This could lead to local denial of service with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2024-01-18T02:44:50.572Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-48344",
"datePublished": "2024-01-18T02:44:50.572Z",
"dateReserved": "2023-11-15T08:11:00.390Z",
"dateUpdated": "2024-08-02T21:23:39.511Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42690
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-08-02 19:23
Severity ?
EPSS score ?
Summary
In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:23:40.138Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:07.726Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42690",
"datePublished": "2023-12-04T00:54:07.726Z",
"dateReserved": "2023-09-13T07:40:40.027Z",
"dateUpdated": "2024-08-02T19:23:40.138Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48459
Vulnerability from cvelistv5
Published
2023-11-01 09:08
Modified
2024-09-05 19:29
Severity ?
EPSS score ?
Summary
In TeleService, there is a possible system crash due to improper input validation. This could lead to local denial of service with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:17:55.298Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48459",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-05T19:28:44.595971Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-05T19:29:13.719Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In TeleService, there is a possible system crash due to improper input validation. This could lead to local denial of service with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-11-01T09:08:17.153Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2022-48459",
"datePublished": "2023-11-01T09:08:17.153Z",
"dateReserved": "2023-04-13T02:35:16.242Z",
"dateUpdated": "2024-09-05T19:29:13.719Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-48341
Vulnerability from cvelistv5
Published
2024-01-18 02:44
Modified
2024-08-02 21:23
Severity ?
EPSS score ?
Summary
In video decoder, there is a possible out of bounds read due to improper input validation. This could lead to local denial of service with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:23:39.512Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In video decoder, there is a possible out of bounds read due to improper input validation. This could lead to local denial of service with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2024-01-18T02:44:49.805Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-48341",
"datePublished": "2024-01-18T02:44:49.805Z",
"dateReserved": "2023-11-15T08:11:00.389Z",
"dateUpdated": "2024-08-02T21:23:39.512Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42713
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-08-02 19:30
Severity ?
EPSS score ?
Summary
In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:30:23.148Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:13.901Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42713",
"datePublished": "2023-12-04T00:54:13.901Z",
"dateReserved": "2023-09-13T07:40:40.033Z",
"dateUpdated": "2024-08-02T19:30:23.148Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-48354
Vulnerability from cvelistv5
Published
2024-01-18 02:44
Modified
2024-08-02 21:30
Severity ?
EPSS score ?
Summary
In telephone service, there is a possible improper input validation. This could lead to local information disclosure with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:30:33.794Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In telephone service, there is a possible improper input validation. This could lead to local information disclosure with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2024-01-18T02:44:53.084Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-48354",
"datePublished": "2024-01-18T02:44:53.084Z",
"dateReserved": "2023-11-15T08:11:00.391Z",
"dateUpdated": "2024-08-02T21:30:33.794Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-38468
Vulnerability from cvelistv5
Published
2023-09-04 01:16
Modified
2024-09-30 19:02
Severity ?
EPSS score ?
Summary
In urild service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:39:13.556Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-38468",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-30T19:02:17.243367Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-30T19:02:24.565Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android10/Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In urild service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-09-04T01:16:10.949Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-38468",
"datePublished": "2023-09-04T01:16:10.949Z",
"dateReserved": "2023-07-18T07:24:19.589Z",
"dateUpdated": "2024-09-30T19:02:24.565Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-38467
Vulnerability from cvelistv5
Published
2023-09-04 01:16
Modified
2024-10-01 19:02
Severity ?
EPSS score ?
Summary
In urild service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:39:13.623Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-38467",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-01T19:02:27.281254Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-01T19:02:47.297Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android10/Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In urild service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-09-04T01:16:10.678Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-38467",
"datePublished": "2023-09-04T01:16:10.678Z",
"dateReserved": "2023-07-18T07:24:19.588Z",
"dateUpdated": "2024-10-01T19:02:47.297Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42737
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-08-02 19:30
Severity ?
EPSS score ?
Summary
In telecom service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:30:24.327Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In telecom service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:21.553Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42737",
"datePublished": "2023-12-04T00:54:21.553Z",
"dateReserved": "2023-09-13T07:40:40.045Z",
"dateUpdated": "2024-08-02T19:30:24.327Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42673
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-08-02 19:23
Severity ?
EPSS score ?
Summary
In imsservice, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:23:40.177Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In imsservice, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:03.095Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42673",
"datePublished": "2023-12-04T00:54:03.095Z",
"dateReserved": "2023-09-13T07:40:40.024Z",
"dateUpdated": "2024-08-02T19:23:40.177Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-39436
Vulnerability from cvelistv5
Published
2024-10-09 06:43
Modified
2024-10-09 21:53
Severity ?
EPSS score ?
Summary
In linkturbonative service, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed.
References
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:unisoc:s8000:*:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t760:*:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t770:*:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t820:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "t820",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android_13"
},
{
"status": "affected",
"version": "android_14"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39436",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-09T21:41:00.434575Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-09T21:53:14.786Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android13/Android14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In linkturbonative service, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "cwe-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-09T06:43:27.037Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1843898270204624897"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2024-39436",
"datePublished": "2024-10-09T06:43:27.037Z",
"dateReserved": "2024-06-25T06:13:32.359Z",
"dateUpdated": "2024-10-09T21:53:14.786Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42706
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-08-02 19:30
Severity ?
EPSS score ?
Summary
In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:30:23.145Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:11.988Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42706",
"datePublished": "2023-12-04T00:54:11.988Z",
"dateReserved": "2023-09-13T07:40:40.029Z",
"dateUpdated": "2024-08-02T19:30:23.145Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42671
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-08-02 19:23
Severity ?
EPSS score ?
Summary
In imsservice, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:23:40.086Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In imsservice, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:02.367Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42671",
"datePublished": "2023-12-04T00:54:02.367Z",
"dateReserved": "2023-09-13T07:40:40.024Z",
"dateUpdated": "2024-08-02T19:23:40.086Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42682
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-08-28 19:54
Severity ?
EPSS score ?
Summary
In gsp driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:23:40.178Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-42682",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-28T19:53:56.783955Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-28T19:54:22.025Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In gsp driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:05.534Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42682",
"datePublished": "2023-12-04T00:54:05.534Z",
"dateReserved": "2023-09-13T07:40:40.026Z",
"dateUpdated": "2024-08-28T19:54:22.025Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-48358
Vulnerability from cvelistv5
Published
2024-01-18 02:44
Modified
2024-08-02 21:30
Severity ?
EPSS score ?
Summary
In drm driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:30:34.589Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In drm driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2024-01-18T02:44:54.074Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-48358",
"datePublished": "2024-01-18T02:44:54.074Z",
"dateReserved": "2023-11-15T08:11:00.392Z",
"dateUpdated": "2024-08-02T21:30:34.589Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-40654
Vulnerability from cvelistv5
Published
2023-10-08 03:36
Modified
2024-09-19 18:02
Severity ?
EPSS score ?
Summary
In FW-PackageManager, there is a possible missing permission check. This could lead to local escalation of privilege with System execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:38:51.130Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1707266966118531074"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "android",
"vendor": "google",
"versions": [
{
"status": "affected",
"version": "11.0"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-40654",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-19T17:57:32.736000Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-19T18:02:38.896Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In FW-PackageManager, there is a possible missing permission check. This could lead to local escalation of privilege with System execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-10-08T03:36:04.923Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1707266966118531074"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-40654",
"datePublished": "2023-10-08T03:36:04.923Z",
"dateReserved": "2023-08-18T02:28:08.635Z",
"dateUpdated": "2024-09-19T18:02:38.896Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42694
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-10-16 19:32
Severity ?
EPSS score ?
Summary
In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:23:40.288Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t820",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "Android11"
},
{
"status": "affected",
"version": "Android12"
},
{
"status": "affected",
"version": "Android13"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-42694",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-15T17:15:05.948162Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-16T19:32:29.155Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:08.810Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42694",
"datePublished": "2023-12-04T00:54:08.810Z",
"dateReserved": "2023-09-13T07:40:40.027Z",
"dateUpdated": "2024-10-16T19:32:29.155Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42747
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-08-02 19:30
Severity ?
EPSS score ?
Summary
In camera service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:30:23.969Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In camera service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:24.239Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42747",
"datePublished": "2023-12-04T00:54:24.239Z",
"dateReserved": "2023-09-13T07:40:40.046Z",
"dateUpdated": "2024-08-02T19:30:23.969Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-38553
Vulnerability from cvelistv5
Published
2023-09-04 01:16
Modified
2024-09-30 19:01
Severity ?
EPSS score ?
Summary
In gnss service, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:46:55.710Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sc7731e",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android_11"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sc9832e",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android_11"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sc9863a",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android_11"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t310",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android_11"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t606",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android_11"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t612",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android_11"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t616",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android_11"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t610",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android_11"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t618",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android_11"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t760",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android_11"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t770",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android_11"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t820",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android_11"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "s8000",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android_11"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-38553",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-30T18:56:20.897590Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-30T19:01:49.545Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In gnss service, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-09-04T01:16:11.214Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-38553",
"datePublished": "2023-09-04T01:16:11.214Z",
"dateReserved": "2023-07-20T03:26:16.996Z",
"dateUpdated": "2024-09-30T19:01:49.545Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42733
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-08-02 19:30
Severity ?
EPSS score ?
Summary
In telephony service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:30:24.118Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In telephony service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:20.484Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42733",
"datePublished": "2023-12-04T00:54:20.484Z",
"dateReserved": "2023-09-13T07:40:40.038Z",
"dateUpdated": "2024-08-02T19:30:24.118Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42714
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-08-02 19:30
Severity ?
EPSS score ?
Summary
In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:30:23.127Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:14.168Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42714",
"datePublished": "2023-12-04T00:54:14.168Z",
"dateReserved": "2023-09-13T07:40:40.033Z",
"dateUpdated": "2024-08-02T19:30:23.127Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-48351
Vulnerability from cvelistv5
Published
2024-01-18 02:44
Modified
2024-08-02 21:30
Severity ?
EPSS score ?
Summary
In video decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:30:33.818Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In video decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2024-01-18T02:44:52.310Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-48351",
"datePublished": "2024-01-18T02:44:52.310Z",
"dateReserved": "2023-11-15T08:11:00.391Z",
"dateUpdated": "2024-08-02T21:30:33.818Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48462
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-08-03 15:17
Severity ?
EPSS score ?
Summary
In wifi service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:17:54.765Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In wifi service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:19.423Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2022-48462",
"datePublished": "2023-12-04T00:54:19.423Z",
"dateReserved": "2023-04-13T02:35:16.243Z",
"dateUpdated": "2024-08-03T15:17:54.765Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42707
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-08-02 19:30
Severity ?
EPSS score ?
Summary
In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:30:23.116Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:12.253Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42707",
"datePublished": "2023-12-04T00:54:12.253Z",
"dateReserved": "2023-09-13T07:40:40.029Z",
"dateUpdated": "2024-08-02T19:30:23.116Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-48342
Vulnerability from cvelistv5
Published
2024-01-18 02:44
Modified
2024-08-02 21:23
Severity ?
EPSS score ?
Summary
In media service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:23:39.583Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In media service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2024-01-18T02:44:50.066Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-48342",
"datePublished": "2024-01-18T02:44:50.066Z",
"dateReserved": "2023-11-15T08:11:00.389Z",
"dateUpdated": "2024-08-02T21:23:39.583Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42651
Vulnerability from cvelistv5
Published
2023-11-01 09:08
Modified
2024-09-05 19:47
Severity ?
EPSS score ?
Summary
In engineermode, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:23:40.179Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-42651",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-05T19:46:24.688972Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-05T19:47:10.777Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In engineermode, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-11-01T09:08:14.474Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42651",
"datePublished": "2023-11-01T09:08:14.474Z",
"dateReserved": "2023-09-12T08:33:30.067Z",
"dateUpdated": "2024-09-05T19:47:10.777Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42689
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-08-02 19:23
Severity ?
EPSS score ?
Summary
In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:23:40.102Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:07.448Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42689",
"datePublished": "2023-12-04T00:54:07.448Z",
"dateReserved": "2023-09-13T07:40:40.026Z",
"dateUpdated": "2024-08-02T19:23:40.102Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-40651
Vulnerability from cvelistv5
Published
2023-10-08 03:36
Modified
2024-09-19 18:21
Severity ?
EPSS score ?
Summary
In urild service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:38:51.047Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1707266966118531074"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-40651",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-19T18:18:31.891193Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-19T18:21:20.793Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In urild service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-10-08T03:36:04.059Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1707266966118531074"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-40651",
"datePublished": "2023-10-08T03:36:04.059Z",
"dateReserved": "2023-08-18T02:28:08.634Z",
"dateUpdated": "2024-09-19T18:21:20.793Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-48353
Vulnerability from cvelistv5
Published
2024-01-18 02:44
Modified
2024-08-02 21:30
Severity ?
EPSS score ?
Summary
In vsp driver, there is a possible use after free due to a logic error. This could lead to local denial of service with System execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:30:33.866Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In vsp driver, there is a possible use after free due to a logic error. This could lead to local denial of service with System execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2024-01-18T02:44:52.799Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-48353",
"datePublished": "2024-01-18T02:44:52.799Z",
"dateReserved": "2023-11-15T08:11:00.391Z",
"dateUpdated": "2024-08-02T21:30:33.866Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42734
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-08-02 19:30
Severity ?
EPSS score ?
Summary
In telephony service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:30:23.904Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android13/Android12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In telephony service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:20.749Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42734",
"datePublished": "2023-12-04T00:54:20.749Z",
"dateReserved": "2023-09-13T07:40:40.045Z",
"dateUpdated": "2024-08-02T19:30:23.904Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42638
Vulnerability from cvelistv5
Published
2023-11-01 09:08
Modified
2024-09-06 19:05
Severity ?
EPSS score ?
Summary
In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:23:40.091Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-42638",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-06T19:05:34.842649Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-06T19:05:49.444Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-11-01T09:08:10.701Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42638",
"datePublished": "2023-11-01T09:08:10.701Z",
"dateReserved": "2023-09-12T08:33:30.065Z",
"dateUpdated": "2024-09-06T19:05:49.444Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42705
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-08-02 19:30
Severity ?
EPSS score ?
Summary
In imsservice, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:30:23.093Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In imsservice, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:11.727Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42705",
"datePublished": "2023-12-04T00:54:11.727Z",
"dateReserved": "2023-09-13T07:40:40.029Z",
"dateUpdated": "2024-08-02T19:30:23.093Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48456
Vulnerability from cvelistv5
Published
2023-11-01 09:08
Modified
2024-09-12 18:03
Severity ?
EPSS score ?
Summary
In camera driver, there is a possible out of bounds write due to a incorrect bounds check. This could lead to local denial of service with System execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:10:59.824Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48456",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-05T19:33:25.269009Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-12T18:03:38.230Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In camera driver, there is a possible out of bounds write due to a incorrect bounds check. This could lead to local denial of service with System execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-11-01T09:08:16.300Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2022-48456",
"datePublished": "2023-11-01T09:08:16.300Z",
"dateReserved": "2023-04-13T02:35:16.242Z",
"dateUpdated": "2024-09-12T18:03:38.230Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42647
Vulnerability from cvelistv5
Published
2023-11-01 09:08
Modified
2024-09-05 19:50
Severity ?
EPSS score ?
Summary
In Ifaa service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:23:40.224Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-42647",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-05T19:50:06.696881Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-05T19:50:21.563Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android10/Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Ifaa service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-11-01T09:08:13.347Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42647",
"datePublished": "2023-11-01T09:08:13.347Z",
"dateReserved": "2023-09-12T08:33:30.067Z",
"dateUpdated": "2024-09-05T19:50:21.563Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42751
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-10-11 17:54
Severity ?
EPSS score ?
Summary
In gnss service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:30:24.157Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-42751",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-11T17:51:23.805703Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-11T17:54:36.484Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In gnss service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:19.160Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42751",
"datePublished": "2023-12-04T00:54:19.160Z",
"dateReserved": "2023-09-13T08:18:33.377Z",
"dateUpdated": "2024-10-11T17:54:36.484Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42681
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-08-02 19:23
Severity ?
EPSS score ?
Summary
In ion service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:23:40.141Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In ion service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:05.270Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42681",
"datePublished": "2023-12-04T00:54:05.270Z",
"dateReserved": "2023-09-13T07:40:40.025Z",
"dateUpdated": "2024-08-02T19:23:40.141Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42710
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-08-02 19:30
Severity ?
EPSS score ?
Summary
In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:30:23.117Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:13.050Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42710",
"datePublished": "2023-12-04T00:54:13.050Z",
"dateReserved": "2023-09-13T07:40:40.031Z",
"dateUpdated": "2024-08-02T19:30:23.117Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42732
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-08-02 19:30
Severity ?
EPSS score ?
Summary
In telephony service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:30:24.118Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In telephony service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:20.216Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42732",
"datePublished": "2023-12-04T00:54:20.216Z",
"dateReserved": "2023-09-13T07:40:40.038Z",
"dateUpdated": "2024-08-02T19:30:24.118Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-52351
Vulnerability from cvelistv5
Published
2024-04-08 02:21
Modified
2024-11-05 16:55
Severity ?
EPSS score ?
Summary
In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:55:41.567Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sc7731e",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android12_android13_android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sc9832e",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android12_android13_android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sc9863a",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android12_android13_android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t310",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android12_android13_android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t606",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android12_android13_android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t612",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android12_android13_android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t616",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android12_android13_android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t610",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android12_android13_android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t618",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android12_android13_android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t760",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android12_android13_android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t770",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android12_android13_android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t820",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android12_android13_android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "s8000",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android12_android13_android14"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-52351",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-01T15:02:14.304772Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-05T16:55:02.465Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android12/Android13/Android14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2024-04-08T02:21:17.415Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-52351",
"datePublished": "2024-04-08T02:21:17.415Z",
"dateReserved": "2024-01-19T02:58:31.099Z",
"dateUpdated": "2024-11-05T16:55:02.465Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-40653
Vulnerability from cvelistv5
Published
2023-10-08 03:36
Modified
2024-08-02 18:38
Severity ?
EPSS score ?
Summary
In FW-PackageManager, there is a possible missing permission check. This could lead to local escalation of privilege with System execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:38:51.087Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1707266966118531074"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In FW-PackageManager, there is a possible missing permission check. This could lead to local escalation of privilege with System execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-10-08T03:36:04.636Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1707266966118531074"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-40653",
"datePublished": "2023-10-08T03:36:04.636Z",
"dateReserved": "2023-08-18T02:28:08.634Z",
"dateUpdated": "2024-08-02T18:38:51.087Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42736
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-08-02 19:30
Severity ?
EPSS score ?
Summary
In telecom service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:30:24.346Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In telecom service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:21.292Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42736",
"datePublished": "2023-12-04T00:54:21.292Z",
"dateReserved": "2023-09-13T07:40:40.045Z",
"dateUpdated": "2024-08-02T19:30:24.346Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-39427
Vulnerability from cvelistv5
Published
2024-07-01 08:40
Modified
2024-08-02 04:26
Severity ?
EPSS score ?
Summary
In trusty service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39427",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-01T20:44:18.408928Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-01T20:44:25.958Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:26:14.285Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1807576926177525762"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android12/Android13/Android14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In trusty service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "cwe-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-01T08:40:56.972Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1807576926177525762"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2024-39427",
"datePublished": "2024-07-01T08:40:56.972Z",
"dateReserved": "2024-06-25T06:13:32.357Z",
"dateUpdated": "2024-08-02T04:26:14.285Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-39432
Vulnerability from cvelistv5
Published
2024-09-27 07:37
Modified
2024-09-27 15:40
Severity ?
EPSS score ?
Summary
In UMTS RLC driver, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with System execution privileges needed.
References
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t760:*:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t770:*:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t820:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "t820",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android_12"
},
{
"status": "affected",
"version": "android_13"
},
{
"status": "affected",
"version": "android_14"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39432",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-27T15:37:32.827650Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-27T15:40:31.593Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android12/Android13/Android14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In UMTS RLC driver, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with System execution privileges needed."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "cwe-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-27T07:37:41.899Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1830802995705610241"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2024-39432",
"datePublished": "2024-09-27T07:37:41.899Z",
"dateReserved": "2024-06-25T06:13:32.358Z",
"dateUpdated": "2024-09-27T15:40:31.593Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42729
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-10-11 17:54
Severity ?
EPSS score ?
Summary
In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:30:24.776Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-42729",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-11T17:51:24.707762Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-11T17:54:46.021Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:18.351Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42729",
"datePublished": "2023-12-04T00:54:18.351Z",
"dateReserved": "2023-09-13T07:40:40.037Z",
"dateUpdated": "2024-10-11T17:54:46.021Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42677
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-08-02 19:23
Severity ?
EPSS score ?
Summary
In imsservice, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:23:40.144Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In imsservice, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:04.171Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42677",
"datePublished": "2023-12-04T00:54:04.171Z",
"dateReserved": "2023-09-13T07:40:40.025Z",
"dateUpdated": "2024-08-02T19:23:40.144Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-39438
Vulnerability from cvelistv5
Published
2024-10-09 06:43
Modified
2024-10-09 18:52
Severity ?
EPSS score ?
Summary
In linkturbonative service, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed.
References
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sc7731e",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android13"
},
{
"status": "affected",
"version": "android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sc9832e",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android13"
},
{
"status": "affected",
"version": "android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sc9863a",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android13"
},
{
"status": "affected",
"version": "android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t310",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android13"
},
{
"status": "affected",
"version": "android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t606",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android13"
},
{
"status": "affected",
"version": "android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t612",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android13"
},
{
"status": "affected",
"version": "android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t616",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android13"
},
{
"status": "affected",
"version": "android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t610",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android13"
},
{
"status": "affected",
"version": "android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t618",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android13"
},
{
"status": "affected",
"version": "android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t760",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android13"
},
{
"status": "affected",
"version": "android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t770",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android13"
},
{
"status": "affected",
"version": "android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t820",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android13"
},
{
"status": "affected",
"version": "android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "s8000",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android13"
},
{
"status": "affected",
"version": "android14"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39438",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-09T18:35:42.803689Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-09T18:52:15.994Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android13/Android14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In linkturbonative service, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "cwe-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-09T06:43:29.015Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1843898270204624897"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2024-39438",
"datePublished": "2024-10-09T06:43:29.015Z",
"dateReserved": "2024-06-25T06:13:32.360Z",
"dateUpdated": "2024-10-09T18:52:15.994Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42644
Vulnerability from cvelistv5
Published
2023-11-01 09:08
Modified
2024-09-05 19:52
Severity ?
EPSS score ?
Summary
In dm service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:23:40.131Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-42644",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-05T19:51:51.398667Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-05T19:52:02.654Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In dm service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-11-01T09:08:12.438Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42644",
"datePublished": "2023-11-01T09:08:12.438Z",
"dateReserved": "2023-09-12T08:33:30.066Z",
"dateUpdated": "2024-09-05T19:52:02.654Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42728
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-08-28 19:50
Severity ?
EPSS score ?
Summary
In phasecheckserver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:30:23.902Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-42728",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-28T19:50:00.727446Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-28T19:50:43.047Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In phasecheckserver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:18.093Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42728",
"datePublished": "2023-12-04T00:54:18.093Z",
"dateReserved": "2023-09-13T07:40:40.037Z",
"dateUpdated": "2024-08-28T19:50:43.047Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-40633
Vulnerability from cvelistv5
Published
2023-10-08 03:35
Modified
2024-09-19 18:24
Severity ?
EPSS score ?
Summary
In phasecheckserver, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:38:51.014Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1707266966118531074"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-40633",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-19T18:24:46.031125Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-19T18:24:55.794Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In phasecheckserver, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-10-08T03:35:58.412Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1707266966118531074"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-40633",
"datePublished": "2023-10-08T03:35:58.412Z",
"dateReserved": "2023-08-18T02:28:08.631Z",
"dateUpdated": "2024-09-19T18:24:55.794Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48455
Vulnerability from cvelistv5
Published
2023-11-01 09:08
Modified
2024-09-05 19:40
Severity ?
EPSS score ?
Summary
In wifi service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:10:59.888Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48455",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-05T19:34:08.281150Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-05T19:40:04.996Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In wifi service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-11-01T09:08:16.008Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2022-48455",
"datePublished": "2023-11-01T09:08:16.008Z",
"dateReserved": "2023-04-13T02:35:16.242Z",
"dateUpdated": "2024-09-05T19:40:04.996Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42634
Vulnerability from cvelistv5
Published
2023-11-01 09:08
Modified
2024-09-06 18:01
Severity ?
EPSS score ?
Summary
In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:23:40.056Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-42634",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-06T18:01:29.021320Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-06T18:01:45.880Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android13/Android12/Android11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-11-01T09:08:09.558Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42634",
"datePublished": "2023-11-01T09:08:09.558Z",
"dateReserved": "2023-09-12T08:33:30.065Z",
"dateUpdated": "2024-09-06T18:01:45.880Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-40639
Vulnerability from cvelistv5
Published
2023-10-08 03:36
Modified
2024-09-19 15:05
Severity ?
EPSS score ?
Summary
In SoundRecorder service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:38:51.131Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1707266966118531074"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-40639",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-19T15:05:33.148983Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-19T15:05:42.958Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android10"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In SoundRecorder service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges"
}
],
"providerMetadata": {
"dateUpdated": "2023-10-08T03:36:00.240Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1707266966118531074"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-40639",
"datePublished": "2023-10-08T03:36:00.240Z",
"dateReserved": "2023-08-18T02:28:08.632Z",
"dateUpdated": "2024-09-19T15:05:42.958Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48464
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-08-03 15:17
Severity ?
EPSS score ?
Summary
In wifi service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:17:54.788Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In wifi service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:19.954Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2022-48464",
"datePublished": "2023-12-04T00:54:19.954Z",
"dateReserved": "2023-04-13T02:35:16.243Z",
"dateUpdated": "2024-08-03T15:17:54.788Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42717
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-08-02 19:30
Severity ?
EPSS score ?
Summary
In telephony service, there is a possible missing permission check. This could lead to remote information disclosure no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:30:23.842Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In telephony service, there is a possible missing permission check. This could lead to remote information disclosure no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:14.977Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42717",
"datePublished": "2023-12-04T00:54:14.977Z",
"dateReserved": "2023-09-13T07:40:40.034Z",
"dateUpdated": "2024-08-02T19:30:23.842Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-39437
Vulnerability from cvelistv5
Published
2024-10-09 06:43
Modified
2024-10-09 21:55
Severity ?
EPSS score ?
Summary
In linkturbonative service, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed.
References
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:unisoc:s8000:*:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t760:*:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t770:*:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t820:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "t820",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android_13"
},
{
"status": "affected",
"version": "android_14"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39437",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-09T21:53:32.597384Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-09T21:55:01.418Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android13/Android14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In linkturbonative service, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "cwe-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-09T06:43:28.078Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1843898270204624897"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2024-39437",
"datePublished": "2024-10-09T06:43:28.078Z",
"dateReserved": "2024-06-25T06:13:32.360Z",
"dateUpdated": "2024-10-09T21:55:01.418Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-48349
Vulnerability from cvelistv5
Published
2024-01-18 02:44
Modified
2024-08-02 21:30
Severity ?
EPSS score ?
Summary
In video decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:30:34.435Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In video decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2024-01-18T02:44:51.800Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-48349",
"datePublished": "2024-01-18T02:44:51.800Z",
"dateReserved": "2023-11-15T08:11:00.391Z",
"dateUpdated": "2024-08-02T21:30:34.435Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-48356
Vulnerability from cvelistv5
Published
2024-01-18 02:44
Modified
2024-08-02 21:30
Severity ?
EPSS score ?
Summary
In jpg driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:30:34.523Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In jpg driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2024-01-18T02:44:53.563Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-48356",
"datePublished": "2024-01-18T02:44:53.563Z",
"dateReserved": "2023-11-15T08:11:00.391Z",
"dateUpdated": "2024-08-02T21:30:34.523Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-52536
Vulnerability from cvelistv5
Published
2024-04-08 02:21
Modified
2024-08-22 16:45
Severity ?
EPSS score ?
Summary
In faceid service, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:03:20.802Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777148475750809602"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-52536",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-22T16:45:38.933653Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-22T16:45:45.934Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android12/Android13/Android14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In faceid service, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2024-04-08T02:21:40.495Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777148475750809602"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-52536",
"datePublished": "2024-04-08T02:21:40.495Z",
"dateReserved": "2024-02-26T05:56:52.680Z",
"dateUpdated": "2024-08-22T16:45:45.934Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48463
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-08-03 15:17
Severity ?
EPSS score ?
Summary
In wifi service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:17:54.555Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In wifi service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:19.682Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2022-48463",
"datePublished": "2023-12-04T00:54:19.682Z",
"dateReserved": "2023-04-13T02:35:16.243Z",
"dateUpdated": "2024-08-03T15:17:54.555Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42723
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-08-02 19:30
Severity ?
EPSS score ?
Summary
In camera service, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:30:23.917Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In camera service, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:16.787Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42723",
"datePublished": "2023-12-04T00:54:16.787Z",
"dateReserved": "2023-09-13T07:40:40.035Z",
"dateUpdated": "2024-08-02T19:30:23.917Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42695
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-08-02 19:23
Severity ?
EPSS score ?
Summary
In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:23:40.240Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:09.074Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42695",
"datePublished": "2023-12-04T00:54:09.074Z",
"dateReserved": "2023-09-13T07:40:40.027Z",
"dateUpdated": "2024-08-02T19:23:40.240Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42750
Vulnerability from cvelistv5
Published
2023-11-01 09:08
Modified
2024-09-05 19:41
Severity ?
EPSS score ?
Summary
In gnss service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:30:24.440Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-42750",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-05T19:41:08.654205Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-05T19:41:37.346Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android12/Android11/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In gnss service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-11-01T09:08:15.420Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42750",
"datePublished": "2023-11-01T09:08:15.420Z",
"dateReserved": "2023-09-13T07:57:40.702Z",
"dateUpdated": "2024-09-05T19:41:37.346Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42635
Vulnerability from cvelistv5
Published
2023-11-01 09:08
Modified
2024-09-06 18:01
Severity ?
EPSS score ?
Summary
In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:23:40.238Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-42635",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-06T18:00:50.001003Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-06T18:01:06.264Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-11-01T09:08:09.835Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42635",
"datePublished": "2023-11-01T09:08:09.835Z",
"dateReserved": "2023-09-12T08:33:30.065Z",
"dateUpdated": "2024-09-06T18:01:06.264Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42708
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-10-11 17:55
Severity ?
EPSS score ?
Summary
In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:30:23.117Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-42708",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-11T17:51:26.532072Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-11T17:55:01.767Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:12.517Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42708",
"datePublished": "2023-12-04T00:54:12.517Z",
"dateReserved": "2023-09-13T07:40:40.031Z",
"dateUpdated": "2024-10-11T17:55:01.767Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42749
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-08-28 19:33
Severity ?
EPSS score ?
Summary
In enginnermode service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:30:24.718Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-42749",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-28T19:33:07.600460Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-28T19:33:57.703Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In enginnermode service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:24.762Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42749",
"datePublished": "2023-12-04T00:54:24.762Z",
"dateReserved": "2023-09-13T07:40:40.047Z",
"dateUpdated": "2024-08-28T19:33:57.703Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42701
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-08-02 19:23
Severity ?
EPSS score ?
Summary
In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:23:40.157Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:10.670Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42701",
"datePublished": "2023-12-04T00:54:10.670Z",
"dateReserved": "2023-09-13T07:40:40.028Z",
"dateUpdated": "2024-08-02T19:23:40.157Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42745
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-08-02 19:30
Severity ?
EPSS score ?
Summary
In telecom service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:30:24.609Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In telecom service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:23.704Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42745",
"datePublished": "2023-12-04T00:54:23.704Z",
"dateReserved": "2023-09-13T07:40:40.046Z",
"dateUpdated": "2024-08-02T19:30:24.609Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42716
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-08-02 19:30
Severity ?
EPSS score ?
Summary
In telephony service, there is a possible missing permission check. This could lead to remote information disclosure no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:30:23.166Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In telephony service, there is a possible missing permission check. This could lead to remote information disclosure no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:14.714Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42716",
"datePublished": "2023-12-04T00:54:14.714Z",
"dateReserved": "2023-09-13T07:40:40.034Z",
"dateUpdated": "2024-08-02T19:30:23.166Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-52345
Vulnerability from cvelistv5
Published
2024-04-08 02:21
Modified
2024-08-02 22:55
Severity ?
EPSS score ?
Summary
In modem driver, there is a possible system crash due to improper input validation. This could lead to local information disclosure with System execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-52345",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-31T18:11:54.730765Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-31T18:12:05.934Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:55:41.688Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android12/Android13/Android14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In modem driver, there is a possible system crash due to improper input validation. This could lead to local information disclosure with System execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2024-04-08T02:21:15.765Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-52345",
"datePublished": "2024-04-08T02:21:15.765Z",
"dateReserved": "2024-01-19T02:58:31.098Z",
"dateUpdated": "2024-08-02T22:55:41.688Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42643
Vulnerability from cvelistv5
Published
2023-11-01 09:08
Modified
2024-09-05 19:52
Severity ?
EPSS score ?
Summary
In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:23:40.123Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-42643",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-05T19:52:22.560254Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-05T19:52:30.888Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-11-01T09:08:12.158Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42643",
"datePublished": "2023-11-01T09:08:12.158Z",
"dateReserved": "2023-09-12T08:33:30.066Z",
"dateUpdated": "2024-09-05T19:52:30.888Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-52350
Vulnerability from cvelistv5
Published
2024-04-08 02:21
Modified
2024-08-02 22:55
Severity ?
EPSS score ?
Summary
In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-52350",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-08T13:03:32.020840Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:24:14.938Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:55:41.599Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android12/Android13/Android14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2024-04-08T02:21:17.148Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-52350",
"datePublished": "2024-04-08T02:21:17.148Z",
"dateReserved": "2024-01-19T02:58:31.098Z",
"dateUpdated": "2024-08-02T22:55:41.599Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42637
Vulnerability from cvelistv5
Published
2023-11-01 09:08
Modified
2024-09-06 19:08
Severity ?
EPSS score ?
Summary
In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:23:40.219Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-42637",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-06T19:07:50.344607Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-06T19:08:16.311Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-11-01T09:08:10.406Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42637",
"datePublished": "2023-11-01T09:08:10.406Z",
"dateReserved": "2023-09-12T08:33:30.065Z",
"dateUpdated": "2024-09-06T19:08:16.311Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-48340
Vulnerability from cvelistv5
Published
2024-01-18 02:44
Modified
2024-08-02 21:23
Severity ?
EPSS score ?
Summary
In video decoder, there is a possible out of bounds write due to improper input validation. This could lead to local denial of service with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:23:39.513Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In video decoder, there is a possible out of bounds write due to improper input validation. This could lead to local denial of service with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2024-01-18T02:44:49.558Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-48340",
"datePublished": "2024-01-18T02:44:49.558Z",
"dateReserved": "2023-11-15T08:11:00.389Z",
"dateUpdated": "2024-08-02T21:23:39.513Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-40631
Vulnerability from cvelistv5
Published
2023-10-08 03:35
Modified
2024-09-19 18:41
Severity ?
EPSS score ?
Summary
In Dialer, there is a possible missing permission check. This could lead to local information disclosure with System execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:38:51.086Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1707266966118531074"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-40631",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-19T18:40:52.812835Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-19T18:41:03.130Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android10/Android11/Android12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Dialer, there is a possible missing permission check. This could lead to local information disclosure with System execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-10-08T03:35:57.807Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1707266966118531074"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-40631",
"datePublished": "2023-10-08T03:35:57.807Z",
"dateReserved": "2023-08-18T02:28:08.630Z",
"dateUpdated": "2024-09-19T18:41:03.130Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42703
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-08-02 19:30
Severity ?
EPSS score ?
Summary
In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:30:23.126Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:11.203Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42703",
"datePublished": "2023-12-04T00:54:11.203Z",
"dateReserved": "2023-09-13T07:40:40.029Z",
"dateUpdated": "2024-08-02T19:30:23.126Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42675
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-08-02 19:23
Severity ?
EPSS score ?
Summary
In imsservice, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:23:40.080Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In imsservice, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:03.627Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42675",
"datePublished": "2023-12-04T00:54:03.627Z",
"dateReserved": "2023-09-13T07:40:40.025Z",
"dateUpdated": "2024-08-02T19:23:40.080Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-33909
Vulnerability from cvelistv5
Published
2023-08-07 01:54
Modified
2024-10-17 20:29
Severity ?
EPSS score ?
Summary
In Contacts service, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:54:13.656Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1687281677639942145"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-33909",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-17T20:29:14.467709Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-17T20:29:27.384Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Contacts service, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges"
}
],
"providerMetadata": {
"dateUpdated": "2023-08-07T01:54:44.402Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1687281677639942145"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-33909",
"datePublished": "2023-08-07T01:54:44.402Z",
"dateReserved": "2023-05-23T06:51:01.536Z",
"dateUpdated": "2024-10-17T20:29:27.384Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42676
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-10-11 17:55
Severity ?
EPSS score ?
Summary
In imsservice, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:23:40.290Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-42676",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-11T17:51:27.454985Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-11T17:55:11.008Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In imsservice, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:03.905Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42676",
"datePublished": "2023-12-04T00:54:03.905Z",
"dateReserved": "2023-09-13T07:40:40.025Z",
"dateUpdated": "2024-10-11T17:55:11.008Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42632
Vulnerability from cvelistv5
Published
2023-11-01 09:08
Modified
2024-09-06 19:09
Severity ?
EPSS score ?
Summary
In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:23:40.283Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-42632",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-06T19:09:01.383179Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-06T19:09:17.454Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-11-01T09:08:08.975Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42632",
"datePublished": "2023-11-01T09:08:08.975Z",
"dateReserved": "2023-09-12T08:33:30.065Z",
"dateUpdated": "2024-09-06T19:09:17.454Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42672
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-08-02 19:23
Severity ?
EPSS score ?
Summary
In imsservice, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:23:40.145Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In imsservice, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:02.670Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42672",
"datePublished": "2023-12-04T00:54:02.670Z",
"dateReserved": "2023-09-13T07:40:40.024Z",
"dateUpdated": "2024-08-02T19:23:40.145Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-52349
Vulnerability from cvelistv5
Published
2024-04-08 02:21
Modified
2024-08-02 22:55
Severity ?
EPSS score ?
Summary
In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-52349",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-09T14:26:50.461773Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:22:43.784Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:55:41.501Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android12/Android13/Android14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2024-04-08T02:21:16.875Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-52349",
"datePublished": "2024-04-08T02:21:16.875Z",
"dateReserved": "2024-01-19T02:58:31.098Z",
"dateUpdated": "2024-08-02T22:55:41.501Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42748
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-08-02 19:30
Severity ?
EPSS score ?
Summary
In telecom service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:30:23.917Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In telecom service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:24.502Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42748",
"datePublished": "2023-12-04T00:54:24.502Z",
"dateReserved": "2023-09-13T07:40:40.047Z",
"dateUpdated": "2024-08-02T19:30:23.917Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42649
Vulnerability from cvelistv5
Published
2023-11-01 09:08
Modified
2024-09-05 19:49
Severity ?
EPSS score ?
Summary
In engineermode, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:23:40.135Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-42649",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-05T19:49:01.868853Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-05T19:49:16.495Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In engineermode, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-11-01T09:08:13.915Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42649",
"datePublished": "2023-11-01T09:08:13.915Z",
"dateReserved": "2023-09-12T08:33:30.067Z",
"dateUpdated": "2024-09-05T19:49:16.495Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42652
Vulnerability from cvelistv5
Published
2023-11-01 09:08
Modified
2024-09-05 19:45
Severity ?
EPSS score ?
Summary
In engineermode, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:23:40.294Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-42652",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-05T19:45:30.776038Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-05T19:45:39.264Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In engineermode, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-11-01T09:08:14.758Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42652",
"datePublished": "2023-11-01T09:08:14.758Z",
"dateReserved": "2023-09-12T08:33:30.068Z",
"dateUpdated": "2024-09-05T19:45:39.264Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42639
Vulnerability from cvelistv5
Published
2023-11-01 09:08
Modified
2024-09-06 16:45
Severity ?
EPSS score ?
Summary
In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:23:40.229Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-42639",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-06T16:45:19.165653Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-06T16:45:56.075Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-11-01T09:08:10.991Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42639",
"datePublished": "2023-11-01T09:08:10.991Z",
"dateReserved": "2023-09-12T08:33:30.065Z",
"dateUpdated": "2024-09-06T16:45:56.075Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42636
Vulnerability from cvelistv5
Published
2023-11-01 09:08
Modified
2024-09-06 19:07
Severity ?
EPSS score ?
Summary
In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:23:40.101Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-42636",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-06T19:06:28.287831Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-06T19:07:16.456Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-11-01T09:08:10.122Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42636",
"datePublished": "2023-11-01T09:08:10.122Z",
"dateReserved": "2023-09-12T08:33:30.065Z",
"dateUpdated": "2024-09-06T19:07:16.456Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42631
Vulnerability from cvelistv5
Published
2023-11-01 09:08
Modified
2024-09-05 19:55
Severity ?
EPSS score ?
Summary
In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:23:39.673Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-42631",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-05T19:54:54.936900Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-05T19:55:05.161Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-11-01T09:08:08.684Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42631",
"datePublished": "2023-11-01T09:08:08.684Z",
"dateReserved": "2023-09-12T08:33:30.064Z",
"dateUpdated": "2024-09-05T19:55:05.161Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-40650
Vulnerability from cvelistv5
Published
2023-10-08 03:36
Modified
2024-09-19 18:45
Severity ?
EPSS score ?
Summary
In Telecom service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:38:51.020Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1707266966118531074"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-40650",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-19T18:45:25.756779Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-19T18:45:33.483Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Telecom service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-10-08T03:36:03.774Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1707266966118531074"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-40650",
"datePublished": "2023-10-08T03:36:03.774Z",
"dateReserved": "2023-08-18T02:28:08.634Z",
"dateUpdated": "2024-09-19T18:45:33.483Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42718
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-08-28 19:52
Severity ?
EPSS score ?
Summary
In dialer, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:30:23.146Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-42718",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-28T19:51:39.371675Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-28T19:52:02.358Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In dialer, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:15.249Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42718",
"datePublished": "2023-12-04T00:54:15.249Z",
"dateReserved": "2023-09-13T07:40:40.034Z",
"dateUpdated": "2024-08-28T19:52:02.358Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-48346
Vulnerability from cvelistv5
Published
2024-01-18 02:44
Modified
2024-08-02 21:23
Severity ?
EPSS score ?
Summary
In video decoder, there is a possible improper input validation. This could lead to local denial of service with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:23:39.486Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In video decoder, there is a possible improper input validation. This could lead to local denial of service with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2024-01-18T02:44:51.067Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-48346",
"datePublished": "2024-01-18T02:44:51.067Z",
"dateReserved": "2023-11-15T08:11:00.390Z",
"dateUpdated": "2024-08-02T21:23:39.486Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-52352
Vulnerability from cvelistv5
Published
2024-04-08 02:21
Modified
2024-08-02 22:55
Severity ?
EPSS score ?
Summary
In Network Adapter Service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-52352",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-09T14:30:36.712418Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:22:52.227Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:55:41.651Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android13/Android14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Network Adapter Service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2024-04-08T02:21:17.681Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-52352",
"datePublished": "2024-04-08T02:21:17.681Z",
"dateReserved": "2024-01-19T02:58:31.099Z",
"dateUpdated": "2024-08-02T22:55:41.651Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42740
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-10-11 18:08
Severity ?
EPSS score ?
Summary
In telecom service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:30:24.152Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-42740",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-11T18:05:06.651355Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-11T18:08:40.433Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In telecom service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:22.364Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42740",
"datePublished": "2023-12-04T00:54:22.364Z",
"dateReserved": "2023-09-13T07:40:40.046Z",
"dateUpdated": "2024-10-11T18:08:40.433Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42697
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-08-02 19:23
Severity ?
EPSS score ?
Summary
In omacp service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:23:40.176Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In omacp service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:09.604Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42697",
"datePublished": "2023-12-04T00:54:09.604Z",
"dateReserved": "2023-09-13T07:40:40.027Z",
"dateUpdated": "2024-08-02T19:23:40.176Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-33907
Vulnerability from cvelistv5
Published
2023-08-07 01:54
Modified
2024-10-17 14:48
Severity ?
EPSS score ?
Summary
In Contacts Service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:54:13.671Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1687281677639942145"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-33907",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-17T14:48:20.691927Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-17T14:48:34.532Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Contacts Service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges"
}
],
"providerMetadata": {
"dateUpdated": "2023-08-07T01:54:43.812Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1687281677639942145"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-33907",
"datePublished": "2023-08-07T01:54:43.812Z",
"dateReserved": "2023-05-23T06:51:01.536Z",
"dateUpdated": "2024-10-17T14:48:34.532Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42709
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-08-02 19:30
Severity ?
EPSS score ?
Summary
In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:30:23.119Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:12.777Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42709",
"datePublished": "2023-12-04T00:54:12.777Z",
"dateReserved": "2023-09-13T07:40:40.031Z",
"dateUpdated": "2024-08-02T19:30:23.119Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42735
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-08-02 19:30
Severity ?
EPSS score ?
Summary
In telephony service, there is a possible missing permission check. This could lead to local information disclosure with System execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:30:24.428Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In telephony service, there is a possible missing permission check. This could lead to local information disclosure with System execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:21.022Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42735",
"datePublished": "2023-12-04T00:54:21.022Z",
"dateReserved": "2023-09-13T07:40:40.045Z",
"dateUpdated": "2024-08-02T19:30:24.428Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-33906
Vulnerability from cvelistv5
Published
2023-08-07 01:54
Modified
2024-10-17 14:49
Severity ?
EPSS score ?
Summary
In Contacts Service, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:54:13.863Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1687281677639942145"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-33906",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-17T14:49:09.501674Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-17T14:49:25.369Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Contacts Service, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges"
}
],
"providerMetadata": {
"dateUpdated": "2023-08-07T01:54:43.488Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1687281677639942145"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-33906",
"datePublished": "2023-08-07T01:54:43.488Z",
"dateReserved": "2023-05-23T06:51:01.536Z",
"dateUpdated": "2024-10-17T14:49:25.369Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42685
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-08-02 19:23
Severity ?
EPSS score ?
Summary
In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:23:40.149Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:06.349Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42685",
"datePublished": "2023-12-04T00:54:06.349Z",
"dateReserved": "2023-09-13T07:40:40.026Z",
"dateUpdated": "2024-08-02T19:23:40.149Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42641
Vulnerability from cvelistv5
Published
2023-11-01 09:08
Modified
2024-09-05 19:54
Severity ?
EPSS score ?
Summary
In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:23:40.120Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-42641",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-05T19:53:22.356683Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-05T19:54:34.422Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-11-01T09:08:11.592Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42641",
"datePublished": "2023-11-01T09:08:11.592Z",
"dateReserved": "2023-09-12T08:33:30.066Z",
"dateUpdated": "2024-09-05T19:54:34.422Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-48348
Vulnerability from cvelistv5
Published
2024-01-18 02:44
Modified
2024-08-02 21:30
Severity ?
EPSS score ?
Summary
In video decoder, there is a possible out of bounds write due to improper input validation. This could lead to local denial of service with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:30:33.832Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In video decoder, there is a possible out of bounds write due to improper input validation. This could lead to local denial of service with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2024-01-18T02:44:51.548Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-48348",
"datePublished": "2024-01-18T02:44:51.548Z",
"dateReserved": "2023-11-15T08:11:00.390Z",
"dateUpdated": "2024-08-02T21:30:33.832Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-52348
Vulnerability from cvelistv5
Published
2024-04-08 02:21
Modified
2024-11-19 21:31
Severity ?
EPSS score ?
Summary
In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-52348",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-16T19:41:10.773102Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-19T21:31:04.308Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:55:41.481Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android12/Android13/Android14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2024-04-08T02:21:16.603Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-52348",
"datePublished": "2024-04-08T02:21:16.603Z",
"dateReserved": "2024-01-19T02:58:31.098Z",
"dateUpdated": "2024-11-19T21:31:04.308Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-23658
Vulnerability from cvelistv5
Published
2024-04-08 02:21
Modified
2024-10-27 13:30
Severity ?
EPSS score ?
Summary
In camera driver, there is a possible use after free due to a logic error. This could lead to local denial of service with System execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-23658",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-17T14:30:56.019128Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-27T13:30:07.593Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:06:25.340Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android12/Android13/Android14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In camera driver, there is a possible use after free due to a logic error. This could lead to local denial of service with System execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2024-04-08T02:21:17.943Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2024-23658",
"datePublished": "2024-04-08T02:21:17.943Z",
"dateReserved": "2024-01-19T02:58:30.137Z",
"dateUpdated": "2024-10-27T13:30:07.593Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42646
Vulnerability from cvelistv5
Published
2023-11-01 09:08
Modified
2024-09-05 19:51
Severity ?
EPSS score ?
Summary
In Ifaa service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:23:40.132Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-42646",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-05T19:51:24.756986Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-05T19:51:35.102Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android10/Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Ifaa service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-11-01T09:08:13.045Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42646",
"datePublished": "2023-11-01T09:08:13.045Z",
"dateReserved": "2023-09-12T08:33:30.067Z",
"dateUpdated": "2024-09-05T19:51:35.102Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-38554
Vulnerability from cvelistv5
Published
2023-09-04 01:16
Modified
2024-09-30 18:56
Severity ?
EPSS score ?
Summary
In wcn bsp driver, there is a possible out of bounds write due to a missing bounds check.This could lead to local denial of service with no additional execution privileges
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:46:55.870Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-38554",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-30T18:55:49.529718Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-30T18:56:02.133Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In wcn bsp driver, there is a possible out of bounds write due to a missing bounds check.This could lead to local denial of service with no additional execution privileges"
}
],
"providerMetadata": {
"dateUpdated": "2023-09-04T01:16:11.483Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-38554",
"datePublished": "2023-09-04T01:16:11.483Z",
"dateReserved": "2023-07-20T03:26:16.996Z",
"dateUpdated": "2024-09-30T18:56:02.133Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42633
Vulnerability from cvelistv5
Published
2023-11-01 09:08
Modified
2024-09-06 18:59
Severity ?
EPSS score ?
Summary
In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:23:39.759Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-42633",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-06T18:58:50.727245Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-06T18:59:40.544Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-11-01T09:08:09.278Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42633",
"datePublished": "2023-11-01T09:08:09.278Z",
"dateReserved": "2023-09-12T08:33:30.065Z",
"dateUpdated": "2024-09-06T18:59:40.544Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-48355
Vulnerability from cvelistv5
Published
2024-01-18 02:44
Modified
2024-08-02 21:30
Severity ?
EPSS score ?
Summary
In jpg driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:30:33.850Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In jpg driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2024-01-18T02:44:53.324Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-48355",
"datePublished": "2024-01-18T02:44:53.324Z",
"dateReserved": "2023-11-15T08:11:00.391Z",
"dateUpdated": "2024-08-02T21:30:33.850Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42702
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-08-02 19:23
Severity ?
EPSS score ?
Summary
In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:23:40.099Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:10.934Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42702",
"datePublished": "2023-12-04T00:54:10.934Z",
"dateReserved": "2023-09-13T07:40:40.028Z",
"dateUpdated": "2024-08-02T19:23:40.099Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42715
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-08-02 19:30
Severity ?
EPSS score ?
Summary
In telephony service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:30:23.167Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In telephony service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:14.429Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42715",
"datePublished": "2023-12-04T00:54:14.429Z",
"dateReserved": "2023-09-13T07:40:40.033Z",
"dateUpdated": "2024-08-02T19:30:23.167Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42700
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-08-02 19:23
Severity ?
EPSS score ?
Summary
In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:23:40.284Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:10.411Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42700",
"datePublished": "2023-12-04T00:54:10.411Z",
"dateReserved": "2023-09-13T07:40:40.028Z",
"dateUpdated": "2024-08-02T19:23:40.284Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-48357
Vulnerability from cvelistv5
Published
2024-01-18 02:44
Modified
2024-08-02 21:30
Severity ?
EPSS score ?
Summary
In vsp driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:30:34.464Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In vsp driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2024-01-18T02:44:53.807Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-48357",
"datePublished": "2024-01-18T02:44:53.807Z",
"dateReserved": "2023-11-15T08:11:00.391Z",
"dateUpdated": "2024-08-02T21:30:34.464Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42744
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-08-02 19:30
Severity ?
EPSS score ?
Summary
In telecom service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:30:23.930Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In telecom service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:23.438Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42744",
"datePublished": "2023-12-04T00:54:23.438Z",
"dateReserved": "2023-09-13T07:40:40.046Z",
"dateUpdated": "2024-08-02T19:30:23.930Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-33912
Vulnerability from cvelistv5
Published
2023-08-07 01:54
Modified
2024-10-17 14:45
Severity ?
EPSS score ?
Summary
In Contacts service, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:54:13.407Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1687281677639942145"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-33912",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-17T14:44:41.033133Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-17T14:45:00.625Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Contacts service, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges"
}
],
"providerMetadata": {
"dateUpdated": "2023-08-07T01:54:45.355Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1687281677639942145"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-33912",
"datePublished": "2023-08-07T01:54:45.355Z",
"dateReserved": "2023-05-23T06:51:01.537Z",
"dateUpdated": "2024-10-17T14:45:00.625Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-48359
Vulnerability from cvelistv5
Published
2024-01-18 02:44
Modified
2024-08-02 21:30
Severity ?
EPSS score ?
Summary
In autotest driver, there is a possible out of bounds write due to improper input validation. This could lead to local denial of service with System execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:30:33.831Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In autotest driver, there is a possible out of bounds write due to improper input validation. This could lead to local denial of service with System execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2024-01-18T02:44:54.312Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-48359",
"datePublished": "2024-01-18T02:44:54.312Z",
"dateReserved": "2023-11-15T08:11:00.392Z",
"dateUpdated": "2024-08-02T21:30:33.831Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42742
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-08-02 19:30
Severity ?
EPSS score ?
Summary
In sysui, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:30:23.990Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In sysui, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:22.904Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42742",
"datePublished": "2023-12-04T00:54:22.904Z",
"dateReserved": "2023-09-13T07:40:40.046Z",
"dateUpdated": "2024-08-02T19:30:23.990Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42678
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-08-02 19:23
Severity ?
EPSS score ?
Summary
In imsservice, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:23:40.145Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In imsservice, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:04.436Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42678",
"datePublished": "2023-12-04T00:54:04.436Z",
"dateReserved": "2023-09-13T07:40:40.025Z",
"dateUpdated": "2024-08-02T19:23:40.145Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42693
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-08-02 19:23
Severity ?
EPSS score ?
Summary
In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:23:40.150Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:08.547Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42693",
"datePublished": "2023-12-04T00:54:08.547Z",
"dateReserved": "2023-09-13T07:40:40.027Z",
"dateUpdated": "2024-08-02T19:23:40.150Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-39435
Vulnerability from cvelistv5
Published
2024-09-27 07:37
Modified
2024-09-27 15:34
Severity ?
EPSS score ?
Summary
In Logmanager service, there is a possible missing verification incorrect input. This could lead to local escalation of privilege with no additional execution privileges needed.
References
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:unisoc:s8000:*:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t760:*:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t770:*:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t820:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "t820",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android_12"
},
{
"status": "affected",
"version": "android_13"
},
{
"status": "affected",
"version": "android_14"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39435",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-27T15:22:29.003921Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-27T15:34:57.072Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android12/Android13/Android14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Logmanager service, there is a possible missing verification incorrect input. This could lead to local escalation of privilege with no additional execution privileges needed."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "cwe-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-27T07:37:44.941Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1830802995705610241"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2024-39435",
"datePublished": "2024-09-27T07:37:44.941Z",
"dateReserved": "2024-06-25T06:13:32.358Z",
"dateUpdated": "2024-09-27T15:34:57.072Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42746
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-08-02 19:30
Severity ?
EPSS score ?
Summary
In power manager, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:30:23.894Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In power manager, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:23.973Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42746",
"datePublished": "2023-12-04T00:54:23.973Z",
"dateReserved": "2023-09-13T07:40:40.046Z",
"dateUpdated": "2024-08-02T19:30:23.894Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-48347
Vulnerability from cvelistv5
Published
2024-01-18 02:44
Modified
2024-08-02 21:30
Severity ?
EPSS score ?
Summary
In video decoder, there is a possible out of bounds read due to improper input validation. This could lead to local denial of service with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:30:33.822Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In video decoder, there is a possible out of bounds read due to improper input validation. This could lead to local denial of service with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2024-01-18T02:44:51.306Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-48347",
"datePublished": "2024-01-18T02:44:51.306Z",
"dateReserved": "2023-11-15T08:11:00.390Z",
"dateUpdated": "2024-08-02T21:30:33.822Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42674
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-08-02 19:23
Severity ?
EPSS score ?
Summary
In imsservice, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:23:40.136Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In imsservice, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:03.364Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42674",
"datePublished": "2023-12-04T00:54:03.364Z",
"dateReserved": "2023-09-13T07:40:40.025Z",
"dateUpdated": "2024-08-02T19:23:40.136Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42684
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-08-02 19:23
Severity ?
EPSS score ?
Summary
In gsp driver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:23:40.153Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In gsp driver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:06.081Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42684",
"datePublished": "2023-12-04T00:54:06.081Z",
"dateReserved": "2023-09-13T07:40:40.026Z",
"dateUpdated": "2024-08-02T19:23:40.153Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-48461
Vulnerability from cvelistv5
Published
2023-11-01 09:08
Modified
2024-09-05 18:12
Severity ?
EPSS score ?
Summary
In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:17:54.542Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48461",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-05T18:12:17.027999Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-05T18:12:25.721Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-11-01T09:08:17.719Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2022-48461",
"datePublished": "2023-11-01T09:08:17.719Z",
"dateReserved": "2023-04-13T02:35:16.243Z",
"dateUpdated": "2024-09-05T18:12:25.721Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42692
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-08-02 19:23
Severity ?
EPSS score ?
Summary
In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:23:40.290Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:08.280Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42692",
"datePublished": "2023-12-04T00:54:08.280Z",
"dateReserved": "2023-09-13T07:40:40.027Z",
"dateUpdated": "2024-08-02T19:23:40.290Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42741
Vulnerability from cvelistv5
Published
2023-12-04 00:54
Modified
2024-08-02 19:30
Severity ?
EPSS score ?
Summary
In telecom service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:30:24.287Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In telecom service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-12-04T00:54:22.624Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42741",
"datePublished": "2023-12-04T00:54:22.624Z",
"dateReserved": "2023-09-13T07:40:40.046Z",
"dateUpdated": "2024-08-02T19:30:24.287Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-48352
Vulnerability from cvelistv5
Published
2024-01-18 02:44
Modified
2024-08-02 21:30
Severity ?
EPSS score ?
Summary
In phasecheckserver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:30:34.479Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In phasecheckserver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2024-01-18T02:44:52.558Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-48352",
"datePublished": "2024-01-18T02:44:52.558Z",
"dateReserved": "2023-11-15T08:11:00.391Z",
"dateUpdated": "2024-08-02T21:30:34.479Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42653
Vulnerability from cvelistv5
Published
2023-11-01 09:08
Modified
2024-09-05 19:42
Severity ?
EPSS score ?
Summary
In faceid service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:23:40.137Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-42653",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-05T19:41:58.453014Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-05T19:42:07.265Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android12/Android11/Android10"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In faceid service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges"
}
],
"providerMetadata": {
"dateUpdated": "2023-11-01T09:08:15.127Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42653",
"datePublished": "2023-11-01T09:08:15.127Z",
"dateReserved": "2023-09-12T08:33:30.068Z",
"dateUpdated": "2024-09-05T19:42:07.265Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-52347
Vulnerability from cvelistv5
Published
2024-04-08 02:21
Modified
2024-11-01 14:55
Severity ?
EPSS score ?
Summary
In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-52347",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-09T14:24:55.345349Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-01T14:55:33.683Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:55:41.609Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android12/Android13/Android14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2024-04-08T02:21:16.328Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-52347",
"datePublished": "2024-04-08T02:21:16.328Z",
"dateReserved": "2024-01-19T02:58:31.098Z",
"dateUpdated": "2024-11-01T14:55:33.683Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42642
Vulnerability from cvelistv5
Published
2023-11-01 09:08
Modified
2024-09-05 19:53
Severity ?
EPSS score ?
Summary
In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:23:40.295Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-42642",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-05T19:52:41.742865Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-05T19:53:07.374Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2023-11-01T09:08:11.877Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-42642",
"datePublished": "2023-11-01T09:08:11.877Z",
"dateReserved": "2023-09-12T08:33:30.066Z",
"dateUpdated": "2024-09-05T19:53:07.374Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}