Vulnerabilites related to Unisoc (Shanghai) Technologies Co., Ltd. - SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000
cve-2022-48245
Vulnerability from cvelistv5
Published
2023-05-09 01:21
Modified
2025-01-28 20:10
Severity ?
EPSS score ?
Summary
In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:10:59.151Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-48245", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-01-28T20:10:17.556391Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-28T20:10:21.219Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.", }, ], providerMetadata: { dateUpdated: "2023-05-09T01:21:02.060Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-48245", datePublished: "2023-05-09T01:21:02.060Z", dateReserved: "2023-01-09T11:53:26.685Z", dateUpdated: "2025-01-28T20:10:21.219Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-38681
Vulnerability from cvelistv5
Published
2023-02-06 05:27
Modified
2025-03-26 18:48
Severity ?
EPSS score ?
Summary
In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:02:14.314Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2022-38681", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-26T14:13:20.364967Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-191", description: "CWE-191 Integer Underflow (Wrap or Wraparound)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-26T18:48:50.102Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-12T01:45:42.615Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-38681", datePublished: "2023-02-06T05:27:33.757Z", dateReserved: "2022-08-22T20:18:18.972Z", dateUpdated: "2025-03-26T18:48:50.102Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-33900
Vulnerability from cvelistv5
Published
2023-07-12 08:32
Modified
2024-12-04 15:09
Severity ?
EPSS score ?
Summary
In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T15:54:13.786Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-33900", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-12-04T15:09:37.813312Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-04T15:09:55.159Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-07-12T08:32:03.423Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2023-33900", datePublished: "2023-07-12T08:32:03.423Z", dateReserved: "2023-05-23T06:51:01.535Z", dateUpdated: "2024-12-04T15:09:55.159Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-48234
Vulnerability from cvelistv5
Published
2023-05-09 01:20
Modified
2025-01-28 21:04
Severity ?
EPSS score ?
Summary
In FM service , there is a possible missing params check. This could lead to local denial of service in FM service .
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:10:59.243Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-48234", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-28T21:04:02.650380Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-28T21:04:06.915Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In FM service , there is a possible missing params check. This could lead to local denial of service in FM service .", }, ], providerMetadata: { dateUpdated: "2023-05-09T01:20:29.112Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-48234", datePublished: "2023-05-09T01:20:29.112Z", dateReserved: "2023-01-09T11:51:07.072Z", dateUpdated: "2025-01-28T21:04:06.915Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-48249
Vulnerability from cvelistv5
Published
2023-05-09 01:21
Modified
2025-01-28 19:28
Severity ?
EPSS score ?
Summary
In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:10:59.646Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-48249", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-01-28T19:28:39.014150Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-28T19:28:44.178Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.", }, ], providerMetadata: { dateUpdated: "2023-05-09T01:21:07.453Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-48249", datePublished: "2023-05-09T01:21:07.453Z", dateReserved: "2023-01-09T11:55:29.290Z", dateUpdated: "2025-01-28T19:28:44.178Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-48383
Vulnerability from cvelistv5
Published
2023-05-09 01:21
Modified
2025-01-28 17:18
Severity ?
EPSS score ?
Summary
.In srtd service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:10:59.797Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-48383", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-01-28T17:18:08.664226Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-28T17:18:15.172Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: ".In srtd service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.", }, ], providerMetadata: { dateUpdated: "2023-05-09T01:21:27.473Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-48383", datePublished: "2023-05-09T01:21:27.473Z", dateReserved: "2023-03-13T02:25:04.699Z", dateUpdated: "2025-01-28T17:18:15.172Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39087
Vulnerability from cvelistv5
Published
2023-01-04 00:00
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
In network service, there is a missing permission check. This could lead to local escalation of privilege with System execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.557Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In network service, there is a missing permission check. This could lead to local escalation of privilege with System execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-77", description: "CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-04T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-39087", datePublished: "2023-01-04T00:00:00", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.557Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39123
Vulnerability from cvelistv5
Published
2022-10-14 00:00
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.401Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-400", description: "CWE-400 Uncontrolled Resource Consumption", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-10-14T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-39123", datePublished: "2022-10-14T00:00:00", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.401Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-33889
Vulnerability from cvelistv5
Published
2023-07-12 08:32
Modified
2024-12-04 15:06
Severity ?
EPSS score ?
Summary
In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T15:54:13.635Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-33889", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-12-04T15:06:12.963068Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-04T15:06:36.442Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-07-12T08:32:23.808Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2023-33889", datePublished: "2023-07-12T08:32:23.808Z", dateReserved: "2023-05-23T06:38:35.980Z", dateUpdated: "2024-12-04T15:06:36.442Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47345
Vulnerability from cvelistv5
Published
2023-02-06 05:26
Modified
2025-03-26 13:37
Severity ?
EPSS score ?
Summary
In engineermode services, there is a missing permission check. This could lead to local denial of service in engineermode services.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:47:29.528Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47345", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-26T13:35:30.853765Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-129", description: "CWE-129 Improper Validation of Array Index", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-26T13:37:02.086Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11", }, ], }, ], descriptions: [ { lang: "en", value: "In engineermode services, there is a missing permission check. This could lead to local denial of service in engineermode services.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-12T01:45:42.615Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47345", datePublished: "2023-02-06T05:26:55.612Z", dateReserved: "2022-12-13T05:23:52.519Z", dateUpdated: "2025-03-26T13:37:02.086Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-30923
Vulnerability from cvelistv5
Published
2023-07-12 08:31
Modified
2024-12-04 15:37
Severity ?
EPSS score ?
Summary
In messaging service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T14:37:15.517Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-30923", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-12-04T15:35:48.929826Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-04T15:37:28.779Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In messaging service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-07-12T08:31:16.482Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2023-30923", datePublished: "2023-07-12T08:31:16.482Z", dateReserved: "2023-04-21T08:42:30.246Z", dateUpdated: "2024-12-04T15:37:28.779Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-44431
Vulnerability from cvelistv5
Published
2023-01-04 00:00
Modified
2024-08-03 13:54
Severity ?
EPSS score ?
Summary
In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T13:54:03.554Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "cwe-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-04T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-44431", datePublished: "2023-01-04T00:00:00", dateReserved: "2022-10-31T00:00:00", dateUpdated: "2024-08-03T13:54:03.554Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47369
Vulnerability from cvelistv5
Published
2023-02-06 05:28
Modified
2025-03-26 14:15
Severity ?
EPSS score ?
Summary
In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:06.962Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 5.7, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47369", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-26T14:15:07.376986Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-26T14:15:11.161Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-12T01:45:42.615Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47369", datePublished: "2023-02-06T05:28:03.509Z", dateReserved: "2022-12-13T05:23:52.527Z", dateUpdated: "2025-03-26T14:15:11.161Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-44441
Vulnerability from cvelistv5
Published
2023-01-04 00:00
Modified
2024-08-03 13:54
Severity ?
EPSS score ?
Summary
In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T13:54:03.458Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125 Out-of-bounds Read", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-04T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-44441", datePublished: "2023-01-04T00:00:00", dateReserved: "2022-10-31T00:00:00", dateUpdated: "2024-08-03T13:54:03.458Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47491
Vulnerability from cvelistv5
Published
2023-05-09 01:20
Modified
2025-01-28 21:13
Severity ?
EPSS score ?
Summary
In soter service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:08.304Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47491", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-28T21:12:53.291895Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-120", description: "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-28T21:13:01.426Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In soter service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-05-09T01:20:42.875Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47491", datePublished: "2023-05-09T01:20:42.875Z", dateReserved: "2022-12-15T08:22:03.074Z", dateUpdated: "2025-01-28T21:13:01.426Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47493
Vulnerability from cvelistv5
Published
2023-05-09 01:20
Modified
2025-01-28 21:17
Severity ?
EPSS score ?
Summary
In soter service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:08.161Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47493", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-28T21:16:51.969339Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-28T21:17:03.721Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In soter service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.", }, ], providerMetadata: { dateUpdated: "2023-05-09T01:20:38.340Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47493", datePublished: "2023-05-09T01:20:38.340Z", dateReserved: "2022-12-15T08:22:03.074Z", dateUpdated: "2025-01-28T21:17:03.721Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47485
Vulnerability from cvelistv5
Published
2023-05-09 01:21
Modified
2025-01-28 17:03
Severity ?
EPSS score ?
Summary
In modem control device, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:08.363Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47485", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-28T17:03:13.799395Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-28T17:03:19.814Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In modem control device, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-05-09T01:21:39.163Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47485", datePublished: "2023-05-09T01:21:39.163Z", dateReserved: "2022-12-15T08:22:03.071Z", dateUpdated: "2025-01-28T17:03:19.814Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47482
Vulnerability from cvelistv5
Published
2023-03-07 01:31
Modified
2025-03-05 21:08
Severity ?
EPSS score ?
Summary
In telephony service, there is a missing permission check. This could lead to local denial of service in telephone service with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:08.390Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1632612109718192129", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47482", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-05T21:08:55.268161Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-05T21:08:59.621Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10", }, ], }, ], descriptions: [ { lang: "en", value: "In telephony service, there is a missing permission check. This could lead to local denial of service in telephone service with no additional execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-03-10T20:04:40.537Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1632612109718192129", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47482", datePublished: "2023-03-07T01:31:49.171Z", dateReserved: "2022-12-15T08:22:03.070Z", dateUpdated: "2025-03-05T21:08:59.621Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39121
Vulnerability from cvelistv5
Published
2022-10-14 00:00
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.558Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-120", description: "CWE-120 Buffer Overflow", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-10-14T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-39121", datePublished: "2022-10-14T00:00:00", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.558Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39101
Vulnerability from cvelistv5
Published
2022-12-06 00:00
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.313Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-04T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-39101", datePublished: "2022-12-06T00:00:00", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.313Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39083
Vulnerability from cvelistv5
Published
2023-01-04 00:00
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
In network service, there is a missing permission check. This could lead to local escalation of privilege with System execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.487Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In network service, there is a missing permission check. This could lead to local escalation of privilege with System execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-77", description: "CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-04T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-39083", datePublished: "2023-01-04T00:00:00", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.487Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47342
Vulnerability from cvelistv5
Published
2023-02-06 05:26
Modified
2025-03-26 13:41
Severity ?
EPSS score ?
Summary
In engineermode services, there is a missing permission check. This could lead to local denial of service in engineermode services.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:47:29.530Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47342", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-26T13:41:15.400674Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-129", description: "CWE-129 Improper Validation of Array Index", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-26T13:41:47.642Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11", }, ], }, ], descriptions: [ { lang: "en", value: "In engineermode services, there is a missing permission check. This could lead to local denial of service in engineermode services.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-12T01:45:42.615Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47342", datePublished: "2023-02-06T05:26:51.748Z", dateReserved: "2022-12-13T05:23:52.519Z", dateUpdated: "2025-03-26T13:41:47.642Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39095
Vulnerability from cvelistv5
Published
2022-12-06 00:00
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.429Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-04T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-39095", datePublished: "2022-12-06T00:00:00", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.429Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-30927
Vulnerability from cvelistv5
Published
2023-07-12 08:31
Modified
2024-12-04 15:30
Severity ?
EPSS score ?
Summary
In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T14:37:15.573Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-30927", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-12-04T15:29:43.429036Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-04T15:30:08.068Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-07-12T08:31:25.996Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2023-30927", datePublished: "2023-07-12T08:31:25.996Z", dateReserved: "2023-04-21T08:42:30.247Z", dateUpdated: "2024-12-04T15:30:08.068Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-38688
Vulnerability from cvelistv5
Published
2022-10-14 00:00
Modified
2024-08-03 11:02
Severity ?
EPSS score ?
Summary
In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:02:14.496Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-200", description: "CWE-200 Information Exposure", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-10-14T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-38688", datePublished: "2022-10-14T00:00:00", dateReserved: "2022-08-22T00:00:00", dateUpdated: "2024-08-03T11:02:14.496Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47327
Vulnerability from cvelistv5
Published
2023-02-06 05:27
Modified
2025-03-25 17:50
Severity ?
EPSS score ?
Summary
In wlan driver, there is a possible missing permission check. This could lead to local information disclosure.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:47:29.422Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47327", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-25T17:49:13.367284Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-25T17:50:25.583Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In wlan driver, there is a possible missing permission check. This could lead to local information disclosure.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-12T01:45:42.615Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47327", datePublished: "2023-02-06T05:27:46.317Z", dateReserved: "2022-12-13T05:23:52.517Z", dateUpdated: "2025-03-25T17:50:25.583Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-44435
Vulnerability from cvelistv5
Published
2023-01-04 00:00
Modified
2024-08-03 13:54
Severity ?
EPSS score ?
Summary
In messaging service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T13:54:03.231Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In messaging service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-04T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-44435", datePublished: "2023-01-04T00:00:00", dateReserved: "2022-10-31T00:00:00", dateUpdated: "2024-08-03T13:54:03.231Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-38671
Vulnerability from cvelistv5
Published
2022-10-14 00:00
Modified
2024-08-03 11:02
Severity ?
EPSS score ?
Summary
In camera driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:02:14.221Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In camera driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-126", description: "CWE-126 Buffer Over-read", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-10-14T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-38671", datePublished: "2022-10-14T00:00:00", dateReserved: "2022-08-22T00:00:00", dateUpdated: "2024-08-03T11:02:14.221Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39130
Vulnerability from cvelistv5
Published
2022-12-06 00:00
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
In face detect driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.425Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In face detect driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-126", description: "CWE-126 Buffer Over-read", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-12-06T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-39130", datePublished: "2022-12-06T00:00:00", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.425Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-30863
Vulnerability from cvelistv5
Published
2023-06-06 05:13
Modified
2025-01-08 15:12
Severity ?
EPSS score ?
Summary
In Connectivity Service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T14:37:15.497Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1664822361414762498", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2023-30863", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-01-08T15:12:44.809793Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-08T15:12:49.819Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10", }, ], }, ], descriptions: [ { lang: "en", value: "In Connectivity Service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.", }, ], providerMetadata: { dateUpdated: "2023-06-06T05:13:09.889Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1664822361414762498", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2023-30863", datePublished: "2023-06-06T05:13:09.889Z", dateReserved: "2023-04-19T09:06:41.102Z", dateUpdated: "2025-01-08T15:12:49.819Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39090
Vulnerability from cvelistv5
Published
2022-12-06 00:00
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.352Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-12-06T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-39090", datePublished: "2022-12-06T00:00:00", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.352Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39134
Vulnerability from cvelistv5
Published
2022-12-06 00:00
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
In audio driver, there is a use after free due to a race condition. This could lead to local denial of service in kernel.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.465Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In audio driver, there is a use after free due to a race condition. This could lead to local denial of service in kernel.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-362", description: "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-12-06T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-39134", datePublished: "2022-12-06T00:00:00", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.465Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-38689
Vulnerability from cvelistv5
Published
2022-10-14 00:00
Modified
2024-08-03 11:02
Severity ?
EPSS score ?
Summary
In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:02:14.426Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-200", description: "CWE-200 Information Exposure", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-10-14T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-38689", datePublished: "2022-10-14T00:00:00", dateReserved: "2022-08-22T00:00:00", dateUpdated: "2024-08-03T11:02:14.426Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-48443
Vulnerability from cvelistv5
Published
2023-06-06 05:13
Modified
2025-01-07 20:32
Severity ?
EPSS score ?
Summary
In telephony service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:10:59.849Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1664822361414762498", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, }, { other: { content: { id: "CVE-2022-48443", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-07T20:31:48.694615Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-476", description: "CWE-476 NULL Pointer Dereference", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-07T20:32:40.774Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In telephony service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.", }, ], providerMetadata: { dateUpdated: "2023-06-06T05:13:04.209Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1664822361414762498", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-48443", datePublished: "2023-06-06T05:13:04.209Z", dateReserved: "2023-04-13T02:35:16.240Z", dateUpdated: "2025-01-07T20:32:40.774Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-30937
Vulnerability from cvelistv5
Published
2023-07-12 08:31
Modified
2024-12-04 15:15
Severity ?
EPSS score ?
Summary
In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T14:37:15.507Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-30937", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-12-04T15:15:36.794814Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-04T15:15:55.559Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-07-12T08:31:44.421Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2023-30937", datePublished: "2023-07-12T08:31:44.421Z", dateReserved: "2023-04-21T08:42:30.248Z", dateUpdated: "2024-12-04T15:15:55.559Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47454
Vulnerability from cvelistv5
Published
2023-03-07 01:31
Modified
2025-03-12 16:21
Severity ?
EPSS score ?
Summary
In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:08.175Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1632612109718192129", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-47454", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-05T16:52:02.961301Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-12T16:21:20.899Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-03-10T20:04:40.537Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1632612109718192129", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47454", datePublished: "2023-03-07T01:31:53.341Z", dateReserved: "2022-12-15T08:22:03.064Z", dateUpdated: "2025-03-12T16:21:20.899Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39098
Vulnerability from cvelistv5
Published
2022-12-06 00:00
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.585Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-04T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-39098", datePublished: "2022-12-06T00:00:00", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.585Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47494
Vulnerability from cvelistv5
Published
2023-05-09 01:20
Modified
2025-01-28 21:12
Severity ?
EPSS score ?
Summary
In soter service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:08.314Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47494", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-28T21:12:08.162772Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-120", description: "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-28T21:12:13.718Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In soter service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-05-09T01:20:44.034Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47494", datePublished: "2023-05-09T01:20:44.034Z", dateReserved: "2022-12-15T08:22:03.074Z", dateUpdated: "2025-01-28T21:12:13.718Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-48379
Vulnerability from cvelistv5
Published
2023-05-09 01:21
Modified
2025-01-28 17:22
Severity ?
EPSS score ?
Summary
In dialer service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:10:59.821Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-48379", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-28T17:22:43.639038Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-28T17:22:47.782Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In dialer service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.", }, ], providerMetadata: { dateUpdated: "2023-05-09T01:21:21.761Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-48379", datePublished: "2023-05-09T01:21:21.761Z", dateReserved: "2023-03-13T02:25:04.699Z", dateUpdated: "2025-01-28T17:22:47.782Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-48445
Vulnerability from cvelistv5
Published
2023-06-06 05:13
Modified
2025-01-07 20:27
Severity ?
EPSS score ?
Summary
In telephony service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:10:59.839Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1664822361414762498", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, }, { other: { content: { id: "CVE-2022-48445", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-07T20:26:06.568390Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-476", description: "CWE-476 NULL Pointer Dereference", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-07T20:27:59.031Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In telephony service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.", }, ], providerMetadata: { dateUpdated: "2023-06-06T05:13:06.034Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1664822361414762498", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-48445", datePublished: "2023-06-06T05:13:06.034Z", dateReserved: "2023-04-13T02:35:16.240Z", dateUpdated: "2025-01-07T20:27:59.031Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-48242
Vulnerability from cvelistv5
Published
2023-05-09 01:20
Modified
2025-01-28 18:09
Severity ?
EPSS score ?
Summary
In telephony service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:10:59.202Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2022-48242", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-28T18:09:33.647112Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-28T18:09:56.631Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In telephony service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges.", }, ], providerMetadata: { dateUpdated: "2023-05-09T01:20:58.646Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-48242", datePublished: "2023-05-09T01:20:58.646Z", dateReserved: "2023-01-09T11:53:26.685Z", dateUpdated: "2025-01-28T18:09:56.631Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-48369
Vulnerability from cvelistv5
Published
2023-05-09 01:21
Modified
2025-01-28 18:09
Severity ?
EPSS score ?
Summary
In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:10:59.807Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-48369", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-01-28T18:08:37.313573Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-28T18:09:07.220Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.", }, ], providerMetadata: { dateUpdated: "2023-05-09T01:21:10.694Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-48369", datePublished: "2023-05-09T01:21:10.694Z", dateReserved: "2023-03-13T02:25:04.698Z", dateUpdated: "2025-01-28T18:09:07.220Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39106
Vulnerability from cvelistv5
Published
2022-12-06 00:00
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.389Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-121", description: "CWE-121 Stack Overflow", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-12-06T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-39106", datePublished: "2022-12-06T00:00:00", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.389Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-38680
Vulnerability from cvelistv5
Published
2023-02-06 05:27
Modified
2025-03-26 13:22
Severity ?
EPSS score ?
Summary
In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:02:14.495Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-38680", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-26T13:21:35.059010Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-190", description: "CWE-190 Integer Overflow or Wraparound", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-26T13:22:37.917Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-12T01:45:42.615Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-38680", datePublished: "2023-02-06T05:27:31.771Z", dateReserved: "2022-08-22T20:18:18.972Z", dateUpdated: "2025-03-26T13:22:37.917Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39082
Vulnerability from cvelistv5
Published
2023-01-04 00:00
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
In network service, there is a missing permission check. This could lead to local escalation of privilege with System execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.427Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In network service, there is a missing permission check. This could lead to local escalation of privilege with System execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-77", description: "CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-04T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-39082", datePublished: "2023-01-04T00:00:00", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.427Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47346
Vulnerability from cvelistv5
Published
2023-02-06 05:26
Modified
2025-03-25 20:49
Severity ?
EPSS score ?
Summary
In engineermode services, there is a missing permission check. This could lead to local denial of service in engineermode services.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:47:29.525Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47346", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-25T20:49:52.655780Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-129", description: "CWE-129 Improper Validation of Array Index", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-25T20:49:55.644Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11", }, ], }, ], descriptions: [ { lang: "en", value: "In engineermode services, there is a missing permission check. This could lead to local denial of service in engineermode services.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-12T01:45:42.615Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47346", datePublished: "2023-02-06T05:26:56.561Z", dateReserved: "2022-12-13T05:23:52.519Z", dateUpdated: "2025-03-25T20:49:55.644Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-48391
Vulnerability from cvelistv5
Published
2023-06-06 05:12
Modified
2025-01-08 15:23
Severity ?
EPSS score ?
Summary
In telephony service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:10:59.822Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1664822361414762498", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-48391", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-08T15:23:16.419758Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-08T15:23:22.690Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In telephony service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.", }, ], providerMetadata: { dateUpdated: "2023-06-06T05:12:57.525Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1664822361414762498", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-48391", datePublished: "2023-06-06T05:12:57.525Z", dateReserved: "2023-03-13T02:25:04.700Z", dateUpdated: "2025-01-08T15:23:22.690Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39097
Vulnerability from cvelistv5
Published
2022-12-06 00:00
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.442Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-04T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-39097", datePublished: "2022-12-06T00:00:00", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.442Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-30938
Vulnerability from cvelistv5
Published
2023-07-12 08:31
Modified
2024-12-04 15:14
Severity ?
EPSS score ?
Summary
In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T14:37:15.510Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-30938", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-12-04T15:14:06.493687Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-04T15:14:28.935Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-07-12T08:31:45.322Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2023-30938", datePublished: "2023-07-12T08:31:45.322Z", dateReserved: "2023-04-21T08:42:30.248Z", dateUpdated: "2024-12-04T15:14:28.935Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-44427
Vulnerability from cvelistv5
Published
2023-01-04 00:00
Modified
2024-08-03 13:54
Severity ?
EPSS score ?
Summary
In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T13:54:03.847Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-122", description: "cwe-122 Heap Overflow", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-04T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-44427", datePublished: "2023-01-04T00:00:00", dateReserved: "2022-10-31T00:00:00", dateUpdated: "2024-08-03T13:54:03.847Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-30919
Vulnerability from cvelistv5
Published
2023-07-12 08:31
Modified
2024-12-04 15:24
Severity ?
EPSS score ?
Summary
In messaging service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T14:37:15.516Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-30919", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-12-04T15:24:02.400392Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-04T15:24:12.931Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In messaging service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-07-12T08:31:10.075Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2023-30919", datePublished: "2023-07-12T08:31:10.075Z", dateReserved: "2023-04-21T08:42:30.246Z", dateUpdated: "2024-12-04T15:24:12.931Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-38685
Vulnerability from cvelistv5
Published
2023-05-09 01:21
Modified
2024-08-03 11:02
Severity ?
EPSS score ?
Summary
In bluetooth service, there is a possible missing permission check. This could lead to local denial of service in bluetooth service with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:02:14.530Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In bluetooth service, there is a possible missing permission check. This could lead to local denial of service in bluetooth service with no additional execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-05-09T01:21:32.813Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-38685", datePublished: "2023-05-09T01:21:32.813Z", dateReserved: "2022-08-22T20:18:18.973Z", dateUpdated: "2024-08-03T11:02:14.530Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39120
Vulnerability from cvelistv5
Published
2022-10-14 00:00
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.640Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-120", description: "CWE-120 Buffer Overflow", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-10-14T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-39120", datePublished: "2022-10-14T00:00:00", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.640Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-44432
Vulnerability from cvelistv5
Published
2023-01-04 00:00
Modified
2024-08-03 13:54
Severity ?
EPSS score ?
Summary
In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T13:54:03.642Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-190", description: "cwe-190 Integer Overflow", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-04T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-44432", datePublished: "2023-01-04T00:00:00", dateReserved: "2022-10-31T00:00:00", dateUpdated: "2024-08-03T13:54:03.642Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47338
Vulnerability from cvelistv5
Published
2023-04-11 11:09
Modified
2025-02-10 17:25
Severity ?
EPSS score ?
Summary
In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:47:29.425Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1645429273135218690", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47338", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-02-10T17:25:20.312125Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-668", description: "CWE-668 Exposure of Resource to Wrong Sphere", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-02-10T17:25:24.486Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11", }, ], }, ], descriptions: [ { lang: "en", value: "In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service.", }, ], providerMetadata: { dateUpdated: "2023-04-11T11:09:45.470Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1645429273135218690", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47338", datePublished: "2023-04-11T11:09:45.470Z", dateReserved: "2022-12-13T05:23:52.518Z", dateUpdated: "2025-02-10T17:25:24.486Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47484
Vulnerability from cvelistv5
Published
2023-03-07 01:31
Modified
2025-03-05 16:55
Severity ?
EPSS score ?
Summary
In telephony service, there is a missing permission check. This could lead to local denial of service in telephone service with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:08.167Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1632612109718192129", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-47484", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-05T16:54:56.324121Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-05T16:55:11.306Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In telephony service, there is a missing permission check. This could lead to local denial of service in telephone service with no additional execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-03-10T20:04:40.537Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1632612109718192129", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47484", datePublished: "2023-03-07T01:31:51.038Z", dateReserved: "2022-12-15T08:22:03.071Z", dateUpdated: "2025-03-05T16:55:11.306Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39105
Vulnerability from cvelistv5
Published
2022-10-14 00:00
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.508Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-190", description: "CWE-190 Integer Overflow", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-10-14T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-39105", datePublished: "2022-10-14T00:00:00", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.508Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47496
Vulnerability from cvelistv5
Published
2023-05-09 01:20
Modified
2025-01-28 20:41
Severity ?
EPSS score ?
Summary
In soter service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:08.302Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47496", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-28T20:41:37.511513Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-120", description: "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-28T20:41:41.878Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In soter service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-05-09T01:20:46.243Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47496", datePublished: "2023-05-09T01:20:46.243Z", dateReserved: "2022-12-15T08:22:03.075Z", dateUpdated: "2025-01-28T20:41:41.878Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-44446
Vulnerability from cvelistv5
Published
2023-01-04 00:00
Modified
2024-08-03 13:54
Severity ?
EPSS score ?
Summary
In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T13:54:03.598Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-126", description: "cwe-126 Buffer Over-read", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-04T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-44446", datePublished: "2023-01-04T00:00:00", dateReserved: "2022-10-31T00:00:00", dateUpdated: "2024-08-03T13:54:03.598Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-48248
Vulnerability from cvelistv5
Published
2023-05-09 01:21
Modified
2025-01-28 19:30
Severity ?
EPSS score ?
Summary
In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:10:59.454Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-48248", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-01-28T19:29:51.372414Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-28T19:30:06.794Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.", }, ], providerMetadata: { dateUpdated: "2023-05-09T01:21:06.367Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-48248", datePublished: "2023-05-09T01:21:06.367Z", dateReserved: "2023-01-09T11:55:29.290Z", dateUpdated: "2025-01-28T19:30:06.794Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-48373
Vulnerability from cvelistv5
Published
2023-05-09 01:21
Modified
2025-01-28 18:00
Severity ?
EPSS score ?
Summary
In tee service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:10:59.818Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-48373", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-28T18:00:09.308373Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-28T18:00:17.680Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In tee service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-05-09T01:21:14.919Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-48373", datePublished: "2023-05-09T01:21:14.919Z", dateReserved: "2023-03-13T02:25:04.698Z", dateUpdated: "2025-01-28T18:00:17.680Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-48384
Vulnerability from cvelistv5
Published
2023-05-09 01:21
Modified
2025-01-28 17:16
Severity ?
EPSS score ?
Summary
In srtd service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:10:59.730Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-48384", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-01-28T17:16:48.949933Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-28T17:16:57.385Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In srtd service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.", }, ], providerMetadata: { dateUpdated: "2023-05-09T01:21:28.680Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-48384", datePublished: "2023-05-09T01:21:28.680Z", dateReserved: "2023-03-13T02:25:04.699Z", dateUpdated: "2025-01-28T17:16:57.385Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-33885
Vulnerability from cvelistv5
Published
2023-07-12 08:32
Modified
2024-12-03 17:01
Severity ?
EPSS score ?
Summary
In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T15:54:13.274Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-33885", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-12-03T17:01:31.309810Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-03T17:01:47.913Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-07-12T08:32:18.044Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2023-33885", datePublished: "2023-07-12T08:32:18.044Z", dateReserved: "2023-05-23T06:38:35.979Z", dateUpdated: "2024-12-03T17:01:47.913Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47460
Vulnerability from cvelistv5
Published
2023-03-07 01:31
Modified
2025-03-05 16:59
Severity ?
EPSS score ?
Summary
In gpu device, there is a memory corruption due to a use after free. This could lead to local denial of service in kernel.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:08.032Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1632612109718192129", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-47460", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-05T16:58:59.485293Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-05T16:59:11.685Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11", }, ], }, ], descriptions: [ { lang: "en", value: "In gpu device, there is a memory corruption due to a use after free. This could lead to local denial of service in kernel.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-03-10T20:04:40.537Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1632612109718192129", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47460", datePublished: "2023-03-07T01:31:21.530Z", dateReserved: "2022-12-15T08:22:03.065Z", dateUpdated: "2025-03-05T16:59:11.685Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39081
Vulnerability from cvelistv5
Published
2023-01-04 00:00
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
In network service, there is a missing permission check. This could lead to local escalation of privilege with System execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.502Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In network service, there is a missing permission check. This could lead to local escalation of privilege with System execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-77", description: "CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-04T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-39081", datePublished: "2023-01-04T00:00:00", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.502Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-30942
Vulnerability from cvelistv5
Published
2023-07-12 08:31
Modified
2024-12-04 15:10
Severity ?
EPSS score ?
Summary
In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T14:37:15.513Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-30942", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-12-04T15:10:29.016067Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-04T15:10:42.785Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-07-12T08:31:54.592Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2023-30942", datePublished: "2023-07-12T08:31:54.592Z", dateReserved: "2023-04-21T08:42:30.249Z", dateUpdated: "2024-12-04T15:10:42.785Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-48388
Vulnerability from cvelistv5
Published
2023-05-09 01:21
Modified
2025-01-28 17:07
Severity ?
EPSS score ?
Summary
In powerEx service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:10:59.860Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-48388", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-01-28T17:07:47.480298Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-28T17:07:52.541Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In powerEx service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.", }, ], providerMetadata: { dateUpdated: "2023-05-09T01:21:34.928Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-48388", datePublished: "2023-05-09T01:21:34.928Z", dateReserved: "2023-03-13T02:25:04.700Z", dateUpdated: "2025-01-28T17:07:52.541Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39091
Vulnerability from cvelistv5
Published
2022-12-06 00:00
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.644Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-12-06T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-39091", datePublished: "2022-12-06T00:00:00", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.644Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-38684
Vulnerability from cvelistv5
Published
2023-01-04 00:00
Modified
2024-08-03 11:02
Severity ?
EPSS score ?
Summary
In contacts service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:02:14.344Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In contacts service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-04T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-38684", datePublished: "2023-01-04T00:00:00", dateReserved: "2022-08-22T00:00:00", dateUpdated: "2024-08-03T11:02:14.344Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-48246
Vulnerability from cvelistv5
Published
2023-05-09 01:21
Modified
2025-01-28 19:32
Severity ?
EPSS score ?
Summary
In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:10:59.075Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-48246", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-01-28T19:32:23.085902Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-28T19:32:28.978Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.", }, ], providerMetadata: { dateUpdated: "2023-05-09T01:21:03.152Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-48246", datePublished: "2023-05-09T01:21:03.152Z", dateReserved: "2023-01-09T11:55:29.289Z", dateUpdated: "2025-01-28T19:32:28.978Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-30926
Vulnerability from cvelistv5
Published
2023-07-12 08:31
Modified
2024-12-04 15:32
Severity ?
EPSS score ?
Summary
In opm service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T14:37:15.519Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-30926", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-12-04T15:31:53.193501Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-04T15:32:13.296Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In opm service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-07-12T08:31:25.063Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2023-30926", datePublished: "2023-07-12T08:31:25.063Z", dateReserved: "2023-04-21T08:42:30.247Z", dateUpdated: "2024-12-04T15:32:13.296Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-38687
Vulnerability from cvelistv5
Published
2022-10-14 00:00
Modified
2024-08-03 11:02
Severity ?
EPSS score ?
Summary
In messaging service, there is a missing permission check. This could lead to local denial of service in messaging service with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:02:14.225Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In messaging service, there is a missing permission check. This could lead to local denial of service in messaging service with no additional execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-400", description: "CWE-400 Uncontrolled Resource Consumption", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-10-14T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-38687", datePublished: "2022-10-14T00:00:00", dateReserved: "2022-08-22T00:00:00", dateUpdated: "2024-08-03T11:02:14.225Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47457
Vulnerability from cvelistv5
Published
2023-03-07 01:31
Modified
2025-03-05 16:48
Severity ?
EPSS score ?
Summary
In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:08.105Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1632612109718192129", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-47457", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-05T16:47:57.240610Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-05T16:48:14.122Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-03-10T20:04:40.537Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1632612109718192129", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47457", datePublished: "2023-03-07T01:31:56.674Z", dateReserved: "2022-12-15T08:22:03.065Z", dateUpdated: "2025-03-05T16:48:14.122Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-48231
Vulnerability from cvelistv5
Published
2023-05-09 01:20
Modified
2025-01-28 21:14
Severity ?
EPSS score ?
Summary
In soter service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:10:59.080Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-48231", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-28T21:14:53.891648Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-476", description: "CWE-476 NULL Pointer Dereference", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-28T21:14:59.349Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In soter service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.", }, ], providerMetadata: { dateUpdated: "2023-05-09T01:20:40.587Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-48231", datePublished: "2023-05-09T01:20:40.587Z", dateReserved: "2023-01-09T11:51:07.071Z", dateUpdated: "2025-01-28T21:14:59.349Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-38697
Vulnerability from cvelistv5
Published
2022-10-14 00:00
Modified
2024-08-03 11:02
Severity ?
EPSS score ?
Summary
In messaging service, there is a missing permission check. This could lead to access unexpected provider in contacts service with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:02:14.504Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In messaging service, there is a missing permission check. This could lead to access unexpected provider in contacts service with no additional execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-10-14T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-38697", datePublished: "2022-10-14T00:00:00", dateReserved: "2022-08-22T00:00:00", dateUpdated: "2024-08-03T11:02:14.504Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39119
Vulnerability from cvelistv5
Published
2022-09-09 14:39
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
In network service, there is a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.unisoc.com/en_us/secy/announcementDetail/1567706764592349186 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.530Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1567706764592349186", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In network service, there is a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-09T14:39:12", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1567706764592349186", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@unisoc.com", ID: "CVE-2022-39119", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", version: { version_data: [ { version_value: "Android10/Android11/Android12", }, ], }, }, ], }, vendor_name: "Unisoc (Shanghai) Technologies Co., Ltd.", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In network service, there is a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-862 Missing Authorization", }, ], }, ], }, references: { reference_data: [ { name: "https://www.unisoc.com/en_us/secy/announcementDetail/1567706764592349186", refsource: "MISC", url: "https://www.unisoc.com/en_us/secy/announcementDetail/1567706764592349186", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-39119", datePublished: "2022-09-09T14:39:12", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.530Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39110
Vulnerability from cvelistv5
Published
2022-10-14 00:00
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
In Music service, there is a missing permission check. This could lead to elevation of privilege in Music service with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.324Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In Music service, there is a missing permission check. This could lead to elevation of privilege in Music service with no additional execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-10-14T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-39110", datePublished: "2022-10-14T00:00:00", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.324Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47472
Vulnerability from cvelistv5
Published
2023-03-07 01:31
Modified
2025-03-05 16:56
Severity ?
EPSS score ?
Summary
In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:08.124Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1632612109718192129", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-47472", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-05T16:56:15.728632Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-05T16:56:28.848Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11", }, ], }, ], descriptions: [ { lang: "en", value: "In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-03-10T20:04:40.537Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1632612109718192129", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47472", datePublished: "2023-03-07T01:31:30.379Z", dateReserved: "2022-12-15T08:22:03.068Z", dateUpdated: "2025-03-05T16:56:28.848Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39084
Vulnerability from cvelistv5
Published
2023-01-04 00:00
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
In network service, there is a missing permission check. This could lead to local escalation of privilege with System execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.479Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In network service, there is a missing permission check. This could lead to local escalation of privilege with System execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-77", description: "CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-04T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-39084", datePublished: "2023-01-04T00:00:00", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.479Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-44419
Vulnerability from cvelistv5
Published
2023-05-09 01:21
Modified
2025-01-28 16:59
Severity ?
EPSS score ?
Summary
In modem, there is a possible missing verification of NAS Security Mode Command Replay Attacks in LTE. This could local denial of service with no additional execution privileges.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T13:54:03.305Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-44419", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-28T16:59:25.695534Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { description: "CWE-noinfo Not enough information", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-28T16:59:47.917Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In modem, there is a possible missing verification of NAS Security Mode Command Replay Attacks in LTE. This could local denial of service with no additional execution privileges.", }, ], providerMetadata: { dateUpdated: "2023-05-09T01:21:41.408Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-44419", datePublished: "2023-05-09T01:21:41.408Z", dateReserved: "2022-10-31T01:03:52.584Z", dateUpdated: "2025-01-28T16:59:47.917Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47466
Vulnerability from cvelistv5
Published
2023-04-11 11:09
Modified
2025-02-10 19:11
Severity ?
EPSS score ?
Summary
In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:08.361Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1645429273135218690", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47466", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-02-10T19:11:51.866180Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-476", description: "CWE-476 NULL Pointer Dereference", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-02-10T19:11:56.742Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11", }, ], }, ], descriptions: [ { lang: "en", value: "In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service.", }, ], providerMetadata: { dateUpdated: "2023-04-11T11:09:52.810Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1645429273135218690", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47466", datePublished: "2023-04-11T11:09:52.810Z", dateReserved: "2022-12-15T08:22:03.067Z", dateUpdated: "2025-02-10T19:11:56.742Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39086
Vulnerability from cvelistv5
Published
2023-01-04 00:00
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
In network service, there is a missing permission check. This could lead to local escalation of privilege with System execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.459Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In network service, there is a missing permission check. This could lead to local escalation of privilege with System execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-77", description: "CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-04T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-39086", datePublished: "2023-01-04T00:00:00", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.459Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39107
Vulnerability from cvelistv5
Published
2022-10-14 00:00
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
In Soundrecorder service, there is a missing permission check. This could lead to elevation of privilege in Soundrecorder service with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.478Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In Soundrecorder service, there is a missing permission check. This could lead to elevation of privilege in Soundrecorder service with no additional execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-10-14T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-39107", datePublished: "2022-10-14T00:00:00", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.478Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47358
Vulnerability from cvelistv5
Published
2023-02-06 05:27
Modified
2025-03-26 13:32
Severity ?
EPSS score ?
Summary
In log service, there is a missing permission check. This could lead to local denial of service in log service.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:06.980Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47358", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-26T13:32:11.408786Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-26T13:32:51.911Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In log service, there is a missing permission check. This could lead to local denial of service in log service.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-12T01:45:42.615Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47358", datePublished: "2023-02-06T05:27:24.571Z", dateReserved: "2022-12-13T05:23:52.523Z", dateUpdated: "2025-03-26T13:32:51.911Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47461
Vulnerability from cvelistv5
Published
2023-03-07 01:31
Modified
2025-03-05 16:58
Severity ?
EPSS score ?
Summary
In telephone service, there is a missing permission check. This could lead to local escalation of privilege with system execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:07.917Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1632612109718192129", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-47461", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-03-05T16:58:12.550132Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-05T16:58:31.705Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11", }, ], }, ], descriptions: [ { lang: "en", value: "In telephone service, there is a missing permission check. This could lead to local escalation of privilege with system execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-03-10T20:04:40.537Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1632612109718192129", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47461", datePublished: "2023-03-07T01:31:22.460Z", dateReserved: "2022-12-15T08:22:03.066Z", dateUpdated: "2025-03-05T16:58:31.705Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47481
Vulnerability from cvelistv5
Published
2023-03-07 01:31
Modified
2025-03-05 21:10
Severity ?
EPSS score ?
Summary
In telephony service, there is a missing permission check. This could lead to local denial of service in telephone service with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:08.163Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1632612109718192129", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47481", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-05T21:10:12.115250Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-05T21:10:40.898Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10", }, ], }, ], descriptions: [ { lang: "en", value: "In telephony service, there is a missing permission check. This could lead to local denial of service in telephone service with no additional execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-03-10T20:04:40.537Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1632612109718192129", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47481", datePublished: "2023-03-07T01:31:47.818Z", dateReserved: "2022-12-15T08:22:03.070Z", dateUpdated: "2025-03-05T21:10:40.898Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-48386
Vulnerability from cvelistv5
Published
2023-05-09 01:21
Modified
2025-01-28 19:23
Severity ?
EPSS score ?
Summary
the apipe driver, there is a possible use after free due to a logic error. This could lead to local denial of service with System execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:10:59.770Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-48386", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-28T19:23:08.254596Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-416", description: "CWE-416 Use After Free", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-28T19:23:13.119Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "the apipe driver, there is a possible use after free due to a logic error. This could lead to local denial of service with System execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-05-09T01:21:30.810Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-48386", datePublished: "2023-05-09T01:21:30.810Z", dateReserved: "2023-03-13T02:25:04.700Z", dateUpdated: "2025-01-28T19:23:13.119Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47337
Vulnerability from cvelistv5
Published
2023-04-11 11:09
Modified
2025-02-10 18:56
Severity ?
EPSS score ?
Summary
In media service, there is a missing permission check. This could lead to local denial of service in media service.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:47:29.601Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1645429273135218690", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47337", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-02-10T18:53:54.738523Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-02-10T18:56:46.421Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In media service, there is a missing permission check. This could lead to local denial of service in media service.", }, ], providerMetadata: { dateUpdated: "2023-04-11T11:09:44.468Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1645429273135218690", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47337", datePublished: "2023-04-11T11:09:44.468Z", dateReserved: "2022-12-13T05:23:52.518Z", dateUpdated: "2025-02-10T18:56:46.421Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47453
Vulnerability from cvelistv5
Published
2023-03-07 01:31
Modified
2025-03-05 16:52
Severity ?
EPSS score ?
Summary
In wcn service, there is a possible missing params check. This could lead to local denial of service in wcn service.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:07.911Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1632612109718192129", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-47453", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-05T16:52:41.032083Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-05T16:52:55.162Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In wcn service, there is a possible missing params check. This could lead to local denial of service in wcn service.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-03-10T20:04:40.537Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1632612109718192129", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47453", datePublished: "2023-03-07T01:31:51.965Z", dateReserved: "2022-12-15T08:22:03.064Z", dateUpdated: "2025-03-05T16:52:55.162Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47470
Vulnerability from cvelistv5
Published
2023-05-09 01:20
Modified
2025-01-28 20:44
Severity ?
EPSS score ?
Summary
In ext4fsfilter driver, there is a possible out of bounds read due to a missing bounds check. This could local denial of service with System execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:08.140Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47470", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-28T20:44:42.838168Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-28T20:44:46.932Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11", }, ], }, ], descriptions: [ { lang: "en", value: "In ext4fsfilter driver, there is a possible out of bounds read due to a missing bounds check. This could local denial of service with System execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-05-09T01:20:31.535Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47470", datePublished: "2023-05-09T01:20:31.535Z", dateReserved: "2022-12-15T08:22:03.068Z", dateUpdated: "2025-01-28T20:44:46.932Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47479
Vulnerability from cvelistv5
Published
2023-03-07 01:31
Modified
2025-03-06 16:05
Severity ?
EPSS score ?
Summary
In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:08.222Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1632612109718192129", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47479", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-06T16:05:41.887715Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-06T16:05:46.351Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11", }, ], }, ], descriptions: [ { lang: "en", value: "In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-03-10T20:04:40.537Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1632612109718192129", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47479", datePublished: "2023-03-07T01:31:42.438Z", dateReserved: "2022-12-15T08:22:03.070Z", dateUpdated: "2025-03-06T16:05:46.351Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47344
Vulnerability from cvelistv5
Published
2023-02-06 05:26
Modified
2025-03-26 13:38
Severity ?
EPSS score ?
Summary
In engineermode services, there is a missing permission check. This could lead to local denial of service in engineermode services.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:47:29.538Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47344", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-26T13:37:56.317827Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-129", description: "CWE-129 Improper Validation of Array Index", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-26T13:38:31.761Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11", }, ], }, ], descriptions: [ { lang: "en", value: "In engineermode services, there is a missing permission check. This could lead to local denial of service in engineermode services.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-12T01:45:42.615Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47344", datePublished: "2023-02-06T05:26:54.649Z", dateReserved: "2022-12-13T05:23:52.519Z", dateUpdated: "2025-03-26T13:38:31.761Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-30925
Vulnerability from cvelistv5
Published
2023-07-12 08:31
Modified
2024-12-04 15:33
Severity ?
EPSS score ?
Summary
In opm service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T14:37:15.543Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-30925", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-12-04T15:33:24.374988Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-04T15:33:39.756Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In opm service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-07-12T08:31:23.622Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2023-30925", datePublished: "2023-07-12T08:31:23.622Z", dateReserved: "2023-04-21T08:42:30.246Z", dateUpdated: "2024-12-04T15:33:39.756Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39126
Vulnerability from cvelistv5
Published
2022-10-14 00:00
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.558Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-400", description: "CWE-400 Uncontrolled Resource Consumption", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-10-14T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-39126", datePublished: "2022-10-14T00:00:00", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.558Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-48441
Vulnerability from cvelistv5
Published
2023-06-06 05:13
Modified
2025-01-07 20:38
Severity ?
EPSS score ?
Summary
In dialer service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:10:59.934Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1664822361414762498", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.2, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-48441", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-07T20:38:24.268799Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-770", description: "CWE-770 Allocation of Resources Without Limits or Throttling", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-07T20:38:29.534Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In dialer service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.", }, ], providerMetadata: { dateUpdated: "2023-06-06T05:13:02.382Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1664822361414762498", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-48441", datePublished: "2023-06-06T05:13:02.382Z", dateReserved: "2023-04-13T02:35:16.239Z", dateUpdated: "2025-01-07T20:38:29.534Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-48438
Vulnerability from cvelistv5
Published
2023-06-06 05:12
Modified
2025-01-07 20:55
Severity ?
EPSS score ?
Summary
In cp_dump driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:10:59.777Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1664822361414762498", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L", version: "3.1", }, }, { other: { content: { id: "CVE-2022-48438", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-07T20:54:47.222403Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-07T20:55:08.287Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In cp_dump driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-06-06T05:12:59.511Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1664822361414762498", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-48438", datePublished: "2023-06-06T05:12:59.511Z", dateReserved: "2023-04-13T02:35:16.239Z", dateUpdated: "2025-01-07T20:55:08.287Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39103
Vulnerability from cvelistv5
Published
2022-10-14 00:00
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
In Gallery service, there is a missing permission check. This could lead to local denial of service in Gallery service with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.503Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In Gallery service, there is a missing permission check. This could lead to local denial of service in Gallery service with no additional execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-10-14T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-39103", datePublished: "2022-10-14T00:00:00", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.503Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47354
Vulnerability from cvelistv5
Published
2023-02-06 05:26
Modified
2025-03-26 14:29
Severity ?
EPSS score ?
Summary
In log service, there is a missing permission check. This could lead to local denial of service in log service.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:07.002Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47354", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-26T14:29:22.623153Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-400", description: "CWE-400 Uncontrolled Resource Consumption", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-26T14:29:26.407Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In log service, there is a missing permission check. This could lead to local denial of service in log service.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-12T01:45:42.615Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47354", datePublished: "2023-02-06T05:26:59.409Z", dateReserved: "2022-12-13T05:23:52.522Z", dateUpdated: "2025-03-26T14:29:26.407Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-44437
Vulnerability from cvelistv5
Published
2023-01-04 00:00
Modified
2024-08-03 13:54
Severity ?
EPSS score ?
Summary
In messaging service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T13:54:03.825Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In messaging service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-04T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-44437", datePublished: "2023-01-04T00:00:00", dateReserved: "2022-10-31T00:00:00", dateUpdated: "2024-08-03T13:54:03.825Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47455
Vulnerability from cvelistv5
Published
2023-03-07 01:31
Modified
2025-03-05 16:51
Severity ?
EPSS score ?
Summary
In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:08.162Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1632612109718192129", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-47455", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-05T16:51:18.626614Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-05T16:51:30.879Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-03-10T20:04:40.537Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1632612109718192129", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47455", datePublished: "2023-03-07T01:31:54.272Z", dateReserved: "2022-12-15T08:22:03.064Z", dateUpdated: "2025-03-05T16:51:30.879Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-48375
Vulnerability from cvelistv5
Published
2023-05-09 01:21
Modified
2025-01-28 17:52
Severity ?
EPSS score ?
Summary
In contacts service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:10:59.733Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-48375", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-28T17:52:47.515455Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-28T17:52:57.677Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In contacts service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.", }, ], providerMetadata: { dateUpdated: "2023-05-09T01:21:17.235Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-48375", datePublished: "2023-05-09T01:21:17.235Z", dateReserved: "2023-03-13T02:25:04.698Z", dateUpdated: "2025-01-28T17:52:57.677Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-48241
Vulnerability from cvelistv5
Published
2023-05-09 01:20
Modified
2025-01-28 18:10
Severity ?
EPSS score ?
Summary
In telephony service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:10:59.612Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-48241", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-28T18:10:45.626098Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-476", description: "CWE-476 NULL Pointer Dereference", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-28T18:10:48.612Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In telephony service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.", }, ], providerMetadata: { dateUpdated: "2023-05-09T01:20:57.479Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-48241", datePublished: "2023-05-09T01:20:57.479Z", dateReserved: "2023-01-09T11:53:26.684Z", dateUpdated: "2025-01-28T18:10:48.612Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-48377
Vulnerability from cvelistv5
Published
2023-05-09 01:21
Modified
2025-01-28 17:50
Severity ?
EPSS score ?
Summary
In dialer service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:10:59.794Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-48377", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-28T17:50:27.899528Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-28T17:50:33.669Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In dialer service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.", }, ], providerMetadata: { dateUpdated: "2023-05-09T01:21:19.410Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-48377", datePublished: "2023-05-09T01:21:19.410Z", dateReserved: "2023-03-13T02:25:04.699Z", dateUpdated: "2025-01-28T17:50:33.669Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47450
Vulnerability from cvelistv5
Published
2023-02-06 05:27
Modified
2025-03-26 18:49
Severity ?
EPSS score ?
Summary
In wlan driver, there is a possible missing permission check. This could lead to local information disclosure.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:08.245Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47450", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-26T14:12:28.389048Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-26T18:49:33.116Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In wlan driver, there is a possible missing permission check. This could lead to local information disclosure.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-12T01:45:42.615Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47450", datePublished: "2023-02-06T05:27:50.634Z", dateReserved: "2022-12-15T08:22:03.063Z", dateUpdated: "2025-03-26T18:49:33.116Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-38690
Vulnerability from cvelistv5
Published
2022-10-14 00:00
Modified
2024-08-03 11:02
Severity ?
EPSS score ?
Summary
In camera driver, there is a possible memory corruption due to improper locking. This could lead to local denial of service in kernel.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:02:14.623Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In camera driver, there is a possible memory corruption due to improper locking. This could lead to local denial of service in kernel.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-119", description: "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-10-14T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-38690", datePublished: "2022-10-14T00:00:00", dateReserved: "2022-08-22T00:00:00", dateUpdated: "2024-08-03T11:02:14.623Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-48247
Vulnerability from cvelistv5
Published
2023-05-09 01:21
Modified
2025-01-28 19:31
Severity ?
EPSS score ?
Summary
In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:10:59.621Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-48247", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-01-28T19:31:19.868904Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-28T19:31:22.995Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.", }, ], providerMetadata: { dateUpdated: "2023-05-09T01:21:04.269Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-48247", datePublished: "2023-05-09T01:21:04.269Z", dateReserved: "2023-01-09T11:55:29.290Z", dateUpdated: "2025-01-28T19:31:22.995Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47476
Vulnerability from cvelistv5
Published
2023-03-07 01:31
Modified
2025-03-06 15:29
Severity ?
EPSS score ?
Summary
In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:07.972Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1632612109718192129", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47476", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-06T15:28:42.528276Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-06T15:29:11.207Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11", }, ], }, ], descriptions: [ { lang: "en", value: "In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-03-10T20:04:40.537Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1632612109718192129", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47476", datePublished: "2023-03-07T01:31:36.544Z", dateReserved: "2022-12-15T08:22:03.070Z", dateUpdated: "2025-03-06T15:29:11.207Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-30941
Vulnerability from cvelistv5
Published
2023-07-12 08:31
Modified
2024-12-04 15:11
Severity ?
EPSS score ?
Summary
In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T14:37:15.574Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-30941", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-12-04T15:11:20.208962Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-04T15:11:47.855Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-07-12T08:31:49.432Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2023-30941", datePublished: "2023-07-12T08:31:49.432Z", dateReserved: "2023-04-21T08:42:30.249Z", dateUpdated: "2024-12-04T15:11:47.855Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47339
Vulnerability from cvelistv5
Published
2023-02-06 05:26
Modified
2025-03-26 13:46
Severity ?
EPSS score ?
Summary
In cmd services, there is a OS command injection issue due to missing permission check. This could lead to local escalation of privilege with system execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:47:29.489Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47339", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-03-26T13:46:04.846712Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-26T13:46:58.474Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In cmd services, there is a OS command injection issue due to missing permission check. This could lead to local escalation of privilege with system execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-12T01:45:42.615Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47339", datePublished: "2023-02-06T05:26:48.923Z", dateReserved: "2022-12-13T05:23:52.518Z", dateUpdated: "2025-03-26T13:46:58.474Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-38682
Vulnerability from cvelistv5
Published
2023-01-04 00:00
Modified
2024-08-03 11:02
Severity ?
EPSS score ?
Summary
In contacts service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:02:14.320Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In contacts service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-04T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-38682", datePublished: "2023-01-04T00:00:00", dateReserved: "2022-08-22T00:00:00", dateUpdated: "2024-08-03T11:02:14.320Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-42776
Vulnerability from cvelistv5
Published
2022-12-06 00:00
Modified
2024-08-03 13:19
Severity ?
EPSS score ?
Summary
In UscAIEngine service, there is a missing permission check. This could lead to set up UscAIEngine service with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T13:19:03.899Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In UscAIEngine service, there is a missing permission check. This could lead to set up UscAIEngine service with no additional execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-12-06T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-42776", datePublished: "2022-12-06T00:00:00", dateReserved: "2022-10-11T00:00:00", dateUpdated: "2024-08-03T13:19:03.899Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-48372
Vulnerability from cvelistv5
Published
2023-05-09 01:21
Modified
2025-01-28 18:04
Severity ?
EPSS score ?
Summary
In bootcp service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:10:59.811Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-48372", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-28T18:04:35.670126Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-28T18:04:41.419Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In bootcp service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-05-09T01:21:13.896Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-48372", datePublished: "2023-05-09T01:21:13.896Z", dateReserved: "2023-03-13T02:25:04.698Z", dateUpdated: "2025-01-28T18:04:41.419Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47364
Vulnerability from cvelistv5
Published
2023-02-06 05:27
Modified
2025-03-26 14:21
Severity ?
EPSS score ?
Summary
In wlan driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in wlan services.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:07.199Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 5.7, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47364", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-26T14:21:15.592298Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-26T14:21:19.621Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In wlan driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in wlan services.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-12T01:45:42.615Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47364", datePublished: "2023-02-06T05:27:57.464Z", dateReserved: "2022-12-13T05:23:52.525Z", dateUpdated: "2025-03-26T14:21:19.621Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-30918
Vulnerability from cvelistv5
Published
2023-07-12 08:31
Modified
2024-12-04 15:25
Severity ?
EPSS score ?
Summary
In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T14:37:15.500Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-30918", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-12-04T15:25:32.269579Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-04T15:25:40.219Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-07-12T08:31:08.786Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2023-30918", datePublished: "2023-07-12T08:31:08.786Z", dateReserved: "2023-04-21T08:42:30.246Z", dateUpdated: "2024-12-04T15:25:40.219Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39094
Vulnerability from cvelistv5
Published
2022-12-06 00:00
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.531Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-04T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-39094", datePublished: "2022-12-06T00:00:00", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.531Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-48389
Vulnerability from cvelistv5
Published
2023-05-09 01:21
Modified
2025-01-28 17:04
Severity ?
EPSS score ?
Summary
In modem control device, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:10:59.809Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-48389", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-28T17:04:35.587571Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-28T17:04:39.872Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10", }, ], }, ], descriptions: [ { lang: "en", value: "In modem control device, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-05-09T01:21:37.162Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-48389", datePublished: "2023-05-09T01:21:37.162Z", dateReserved: "2023-03-13T02:25:04.700Z", dateUpdated: "2025-01-28T17:04:39.872Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-33904
Vulnerability from cvelistv5
Published
2023-07-12 08:32
Modified
2024-12-04 16:43
Severity ?
EPSS score ?
Summary
In hci_server, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T15:54:13.407Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-33904", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-12-04T16:43:25.872227Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-04T16:43:34.295Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In hci_server, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-07-12T08:32:42.431Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2023-33904", datePublished: "2023-07-12T08:32:42.431Z", dateReserved: "2023-05-23T06:51:01.535Z", dateUpdated: "2024-12-04T16:43:34.295Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-38674
Vulnerability from cvelistv5
Published
2023-02-06 05:27
Modified
2025-03-26 13:24
Severity ?
EPSS score ?
Summary
In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:02:14.495Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-38674", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-26T13:23:13.996541Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-400", description: "CWE-400 Uncontrolled Resource Consumption", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-26T13:24:06.044Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-12T01:45:42.615Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-38674", datePublished: "2023-02-06T05:27:30.212Z", dateReserved: "2022-08-22T20:17:27.591Z", dateUpdated: "2025-03-26T13:24:06.044Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-33888
Vulnerability from cvelistv5
Published
2023-07-12 08:32
Modified
2024-12-04 15:07
Severity ?
EPSS score ?
Summary
In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T15:54:13.466Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-33888", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-12-04T15:07:11.219785Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-04T15:07:28.528Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-07-12T08:32:21.174Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2023-33888", datePublished: "2023-07-12T08:32:21.174Z", dateReserved: "2023-05-23T06:38:35.980Z", dateUpdated: "2024-12-04T15:07:28.528Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-30931
Vulnerability from cvelistv5
Published
2023-07-12 08:31
Modified
2024-12-04 15:25
Severity ?
EPSS score ?
Summary
In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T14:37:15.527Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-30931", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-12-04T15:24:41.515967Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-04T15:25:00.562Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-07-12T08:31:31.387Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2023-30931", datePublished: "2023-07-12T08:31:31.387Z", dateReserved: "2023-04-21T08:42:30.248Z", dateUpdated: "2024-12-04T15:25:00.562Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-48444
Vulnerability from cvelistv5
Published
2023-06-06 05:13
Modified
2025-01-07 20:30
Severity ?
EPSS score ?
Summary
In telephony service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:10:59.835Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1664822361414762498", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, }, { other: { content: { id: "CVE-2022-48444", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-07T20:30:26.245715Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-476", description: "CWE-476 NULL Pointer Dereference", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-07T20:30:32.395Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In telephony service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.", }, ], providerMetadata: { dateUpdated: "2023-06-06T05:13:05.113Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1664822361414762498", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-48444", datePublished: "2023-06-06T05:13:05.113Z", dateReserved: "2023-04-13T02:35:16.240Z", dateUpdated: "2025-01-07T20:30:32.395Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-38686
Vulnerability from cvelistv5
Published
2023-02-06 05:27
Modified
2025-03-26 14:24
Severity ?
EPSS score ?
Summary
In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:02:14.381Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.4, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-38686", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-03-26T14:23:47.197148Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-200", description: "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-26T14:24:11.945Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11", }, ], }, ], descriptions: [ { lang: "en", value: "In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-12T01:45:42.615Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-38686", datePublished: "2023-02-06T05:27:35.576Z", dateReserved: "2022-08-22T20:18:18.973Z", dateUpdated: "2025-03-26T14:24:11.945Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47343
Vulnerability from cvelistv5
Published
2023-02-06 05:26
Modified
2025-03-26 13:40
Severity ?
EPSS score ?
Summary
In engineermode services, there is a missing permission check. This could lead to local denial of service in engineermode services.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:47:29.532Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47343", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-26T13:39:14.033432Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-129", description: "CWE-129 Improper Validation of Array Index", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-26T13:40:27.547Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11", }, ], }, ], descriptions: [ { lang: "en", value: "In engineermode services, there is a missing permission check. This could lead to local denial of service in engineermode services.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-12T01:45:42.615Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47343", datePublished: "2023-02-06T05:26:52.674Z", dateReserved: "2022-12-13T05:23:52.519Z", dateUpdated: "2025-03-26T13:40:27.547Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-30864
Vulnerability from cvelistv5
Published
2023-06-06 05:13
Modified
2025-01-08 15:11
Severity ?
EPSS score ?
Summary
In Connectivity Service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T14:37:15.468Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1664822361414762498", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2023-30864", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-01-08T15:11:07.009747Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-08T15:11:13.707Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10", }, ], }, ], descriptions: [ { lang: "en", value: "In Connectivity Service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.", }, ], providerMetadata: { dateUpdated: "2023-06-06T05:13:10.873Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1664822361414762498", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2023-30864", datePublished: "2023-06-06T05:13:10.873Z", dateReserved: "2023-04-19T09:06:41.102Z", dateUpdated: "2025-01-08T15:11:13.707Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-48232
Vulnerability from cvelistv5
Published
2023-05-09 01:20
Modified
2025-01-28 21:27
Severity ?
EPSS score ?
Summary
In FM service , there is a possible missing params check. This could lead to local denial of service in FM service .
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:10:59.218Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-48232", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-28T21:27:11.777708Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-28T21:27:17.058Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In FM service , there is a possible missing params check. This could lead to local denial of service in FM service .", }, ], providerMetadata: { dateUpdated: "2023-05-09T01:20:26.828Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-48232", datePublished: "2023-05-09T01:20:26.828Z", dateReserved: "2023-01-09T11:51:07.071Z", dateUpdated: "2025-01-28T21:27:17.058Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-30924
Vulnerability from cvelistv5
Published
2023-07-12 08:31
Modified
2024-12-04 15:35
Severity ?
EPSS score ?
Summary
In messaging service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T14:37:15.532Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-30924", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-12-04T15:34:47.158314Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-04T15:35:06.758Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In messaging service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-07-12T08:31:20.228Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2023-30924", datePublished: "2023-07-12T08:31:20.228Z", dateReserved: "2023-04-21T08:42:30.246Z", dateUpdated: "2024-12-04T15:35:06.758Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-48244
Vulnerability from cvelistv5
Published
2023-05-09 01:21
Modified
2025-01-28 20:25
Severity ?
EPSS score ?
Summary
In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:10:59.651Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-48244", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-01-28T20:25:18.993653Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-28T20:25:22.895Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.", }, ], providerMetadata: { dateUpdated: "2023-05-09T01:21:01.122Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-48244", datePublished: "2023-05-09T01:21:01.122Z", dateReserved: "2023-01-09T11:53:26.685Z", dateUpdated: "2025-01-28T20:25:22.895Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47340
Vulnerability from cvelistv5
Published
2023-05-09 01:21
Modified
2025-01-28 17:22
Severity ?
EPSS score ?
Summary
In h265 codec firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:47:29.569Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47340", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-28T17:22:10.828888Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-28T17:22:15.806Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In h265 codec firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges.", }, ], providerMetadata: { dateUpdated: "2023-05-09T01:21:22.843Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47340", datePublished: "2023-05-09T01:21:22.843Z", dateReserved: "2022-12-13T05:23:52.518Z", dateUpdated: "2025-01-28T17:22:15.806Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47347
Vulnerability from cvelistv5
Published
2023-02-06 05:26
Modified
2025-03-25 20:50
Severity ?
EPSS score ?
Summary
In engineermode services, there is a missing permission check. This could lead to local denial of service in engineermode services.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:47:29.519Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47347", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-25T20:50:39.990640Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-129", description: "CWE-129 Improper Validation of Array Index", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-25T20:50:43.442Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11", }, ], }, ], descriptions: [ { lang: "en", value: "In engineermode services, there is a missing permission check. This could lead to local denial of service in engineermode services.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-12T01:45:42.615Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47347", datePublished: "2023-02-06T05:26:57.480Z", dateReserved: "2022-12-13T05:23:52.520Z", dateUpdated: "2025-03-25T20:50:43.442Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47463
Vulnerability from cvelistv5
Published
2023-04-11 11:09
Modified
2025-02-10 17:25
Severity ?
EPSS score ?
Summary
In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:08.223Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1645429273135218690", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47463", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-02-10T17:23:04.636607Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-120", description: "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-02-10T17:25:41.186Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service.", }, ], providerMetadata: { dateUpdated: "2023-04-11T11:09:48.368Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1645429273135218690", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47463", datePublished: "2023-04-11T11:09:48.368Z", dateReserved: "2022-12-15T08:22:03.066Z", dateUpdated: "2025-02-10T17:25:41.186Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-38678
Vulnerability from cvelistv5
Published
2023-01-04 00:00
Modified
2024-08-03 11:02
Severity ?
EPSS score ?
Summary
In contacts service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:02:14.671Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In contacts service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-04T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-38678", datePublished: "2023-01-04T00:00:00", dateReserved: "2022-08-22T00:00:00", dateUpdated: "2024-08-03T11:02:14.671Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47473
Vulnerability from cvelistv5
Published
2023-03-07 01:31
Modified
2025-03-05 16:55
Severity ?
EPSS score ?
Summary
In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:08.293Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1632612109718192129", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-47473", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-05T16:55:38.189150Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-05T16:55:49.554Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11", }, ], }, ], descriptions: [ { lang: "en", value: "In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-03-10T20:04:40.537Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1632612109718192129", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47473", datePublished: "2023-03-07T01:31:31.841Z", dateReserved: "2022-12-15T08:22:03.068Z", dateUpdated: "2025-03-05T16:55:49.554Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39124
Vulnerability from cvelistv5
Published
2022-10-14 00:00
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.431Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-400", description: "CWE-400 Uncontrolled Resource Consumption", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-10-14T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-39124", datePublished: "2022-10-14T00:00:00", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.431Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-33883
Vulnerability from cvelistv5
Published
2023-07-12 08:32
Modified
2024-12-03 17:03
Severity ?
EPSS score ?
Summary
In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T15:54:13.430Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-33883", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-12-03T17:03:13.216540Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-03T17:03:25.848Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-07-12T08:32:13.352Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2023-33883", datePublished: "2023-07-12T08:32:13.352Z", dateReserved: "2023-05-23T06:38:35.979Z", dateUpdated: "2024-12-03T17:03:25.848Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-44439
Vulnerability from cvelistv5
Published
2023-01-04 00:00
Modified
2024-08-03 13:54
Severity ?
EPSS score ?
Summary
In messaging service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T13:54:03.710Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In messaging service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-04T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-44439", datePublished: "2023-01-04T00:00:00", dateReserved: "2022-10-31T00:00:00", dateUpdated: "2024-08-03T13:54:03.710Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39093
Vulnerability from cvelistv5
Published
2022-12-06 00:00
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.481Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-12-06T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-39093", datePublished: "2022-12-06T00:00:00", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.481Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-30913
Vulnerability from cvelistv5
Published
2023-07-12 08:31
Modified
2024-12-03 17:14
Severity ?
EPSS score ?
Summary
In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T14:37:15.512Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-30913", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-12-03T17:14:49.516044Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-03T17:14:54.824Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-07-12T08:31:55.539Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2023-30913", datePublished: "2023-07-12T08:31:55.539Z", dateReserved: "2023-04-21T08:42:30.245Z", dateUpdated: "2024-12-03T17:14:54.824Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-48233
Vulnerability from cvelistv5
Published
2023-05-09 01:20
Modified
2025-01-28 21:25
Severity ?
EPSS score ?
Summary
In FM service , there is a possible missing params check. This could lead to local denial of service in FM service .
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:10:59.690Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-48233", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-28T21:25:12.064209Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-28T21:25:15.999Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In FM service , there is a possible missing params check. This could lead to local denial of service in FM service .", }, ], providerMetadata: { dateUpdated: "2023-05-09T01:20:27.914Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-48233", datePublished: "2023-05-09T01:20:27.914Z", dateReserved: "2023-01-09T11:51:07.071Z", dateUpdated: "2025-01-28T21:25:15.999Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-30933
Vulnerability from cvelistv5
Published
2023-07-12 08:31
Modified
2024-12-04 15:21
Severity ?
EPSS score ?
Summary
In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T14:37:15.582Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-30933", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-12-04T15:21:03.276894Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-04T15:21:24.282Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-07-12T08:31:37.964Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2023-30933", datePublished: "2023-07-12T08:31:37.964Z", dateReserved: "2023-04-21T08:42:30.248Z", dateUpdated: "2024-12-04T15:21:24.282Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39099
Vulnerability from cvelistv5
Published
2022-12-06 00:00
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.639Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-04T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-39099", datePublished: "2022-12-06T00:00:00", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.639Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47499
Vulnerability from cvelistv5
Published
2023-05-09 01:20
Modified
2025-01-28 20:39
Severity ?
EPSS score ?
Summary
In soter service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:08.353Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47499", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-28T20:39:12.795645Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-120", description: "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-28T20:39:16.292Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In soter service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-05-09T01:20:49.457Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47499", datePublished: "2023-05-09T01:20:49.457Z", dateReserved: "2022-12-15T08:22:03.076Z", dateUpdated: "2025-01-28T20:39:16.292Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-30932
Vulnerability from cvelistv5
Published
2023-07-12 08:31
Modified
2024-12-04 15:22
Severity ?
EPSS score ?
Summary
In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T14:37:15.509Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-30932", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-12-04T15:22:03.456428Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-04T15:22:24.430Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-07-12T08:31:34.336Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2023-30932", datePublished: "2023-07-12T08:31:34.336Z", dateReserved: "2023-04-21T08:42:30.248Z", dateUpdated: "2024-12-04T15:22:24.430Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47486
Vulnerability from cvelistv5
Published
2023-05-09 01:20
Modified
2025-01-28 20:43
Severity ?
EPSS score ?
Summary
In ext4fsfilter driver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:08.169Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47486", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-28T20:43:07.010627Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-28T20:43:10.921Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11", }, ], }, ], descriptions: [ { lang: "en", value: "In ext4fsfilter driver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-05-09T01:20:32.680Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47486", datePublished: "2023-05-09T01:20:32.680Z", dateReserved: "2022-12-15T08:22:03.072Z", dateUpdated: "2025-01-28T20:43:10.921Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-48451
Vulnerability from cvelistv5
Published
2023-07-12 08:32
Modified
2024-08-03 15:10
Severity ?
EPSS score ?
Summary
In bluetooth service, there is a possible out of bounds write due to race condition. This could lead to local denial of service with System execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:10:59.836Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In bluetooth service, there is a possible out of bounds write due to race condition. This could lead to local denial of service with System execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-07-12T08:32:45.182Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-48451", datePublished: "2023-07-12T08:32:45.182Z", dateReserved: "2023-04-13T02:35:16.241Z", dateUpdated: "2024-08-03T15:10:59.836Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-48243
Vulnerability from cvelistv5
Published
2023-05-09 01:20
Modified
2025-01-28 20:32
Severity ?
EPSS score ?
Summary
In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:10:59.758Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-48243", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-01-28T20:32:21.751747Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-28T20:32:36.497Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.", }, ], providerMetadata: { dateUpdated: "2023-05-09T01:20:59.864Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-48243", datePublished: "2023-05-09T01:20:59.864Z", dateReserved: "2023-01-09T11:53:26.685Z", dateUpdated: "2025-01-28T20:32:36.497Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-44420
Vulnerability from cvelistv5
Published
2023-05-09 01:21
Modified
2025-01-28 17:02
Severity ?
EPSS score ?
Summary
In modem, there is a possible missing verification of HashMME value in Security Mode Command. This could local denial of service with no additional execution privileges.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T13:54:03.584Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-44420", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-28T17:02:08.351686Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { description: "CWE-noinfo Not enough information", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-28T17:02:13.778Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In modem, there is a possible missing verification of HashMME value in Security Mode Command. This could local denial of service with no additional execution privileges.", }, ], providerMetadata: { dateUpdated: "2023-05-09T01:21:40.270Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-44420", datePublished: "2023-05-09T01:21:40.270Z", dateReserved: "2022-10-31T01:03:52.584Z", dateUpdated: "2025-01-28T17:02:13.778Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-38698
Vulnerability from cvelistv5
Published
2022-10-14 00:00
Modified
2024-08-03 11:02
Severity ?
EPSS score ?
Summary
In messaging service, there is a missing permission check. This could lead to elevation of privilege in contacts service with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:02:14.438Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In messaging service, there is a missing permission check. This could lead to elevation of privilege in contacts service with no additional execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-10-14T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-38698", datePublished: "2022-10-14T00:00:00", dateReserved: "2022-08-22T00:00:00", dateUpdated: "2024-08-03T11:02:14.438Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47355
Vulnerability from cvelistv5
Published
2023-02-06 05:27
Modified
2025-03-26 14:28
Severity ?
EPSS score ?
Summary
In log service, there is a missing permission check. This could lead to local denial of service in log service.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:06.958Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47355", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-26T14:25:32.396413Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-400", description: "CWE-400 Uncontrolled Resource Consumption", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-26T14:28:20.802Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In log service, there is a missing permission check. This could lead to local denial of service in log service.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-12T01:45:42.615Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47355", datePublished: "2023-02-06T05:27:00.648Z", dateReserved: "2022-12-13T05:23:52.522Z", dateUpdated: "2025-03-26T14:28:20.802Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47348
Vulnerability from cvelistv5
Published
2023-02-06 05:26
Modified
2025-03-26 14:30
Severity ?
EPSS score ?
Summary
In engineermode services, there is a missing permission check. This could lead to local denial of service in engineermode services.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:06.876Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47348", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-26T14:30:05.387115Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-129", description: "CWE-129 Improper Validation of Array Index", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-26T14:30:08.642Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11", }, ], }, ], descriptions: [ { lang: "en", value: "In engineermode services, there is a missing permission check. This could lead to local denial of service in engineermode services.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-12T01:45:42.615Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47348", datePublished: "2023-02-06T05:26:58.469Z", dateReserved: "2022-12-13T05:23:52.521Z", dateUpdated: "2025-03-26T14:30:08.642Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-38683
Vulnerability from cvelistv5
Published
2023-01-04 00:00
Modified
2024-08-03 11:02
Severity ?
EPSS score ?
Summary
In contacts service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:02:14.369Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In contacts service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-04T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-38683", datePublished: "2023-01-04T00:00:00", dateReserved: "2022-08-22T00:00:00", dateUpdated: "2024-08-03T11:02:14.369Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39089
Vulnerability from cvelistv5
Published
2023-05-09 01:21
Modified
2025-01-28 17:08
Severity ?
EPSS score ?
Summary
In mlog service, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.408Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-39089", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-28T17:08:45.257311Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125 Out-of-bounds Read", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-28T17:08:56.943Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11", }, ], }, ], descriptions: [ { lang: "en", value: "In mlog service, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-05-09T01:21:33.900Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-39089", datePublished: "2023-05-09T01:21:33.900Z", dateReserved: "2022-09-01T06:09:51.096Z", dateUpdated: "2025-01-28T17:08:56.943Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47368
Vulnerability from cvelistv5
Published
2023-02-06 05:28
Modified
2025-03-26 14:16
Severity ?
EPSS score ?
Summary
In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:06.987Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 5.7, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47368", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-26T14:16:02.895730Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-26T14:16:08.139Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-12T01:45:42.615Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47368", datePublished: "2023-02-06T05:28:02.578Z", dateReserved: "2022-12-13T05:23:52.526Z", dateUpdated: "2025-03-26T14:16:08.139Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-30916
Vulnerability from cvelistv5
Published
2023-07-12 08:31
Modified
2024-12-04 15:27
Severity ?
EPSS score ?
Summary
In DMService, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T14:37:15.513Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-30916", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-12-04T15:26:43.691035Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-04T15:27:26.752Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In DMService, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.", }, ], providerMetadata: { dateUpdated: "2023-07-12T08:31:06.862Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2023-30916", datePublished: "2023-07-12T08:31:06.862Z", dateReserved: "2023-04-21T08:42:30.245Z", dateUpdated: "2024-12-04T15:27:26.752Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47456
Vulnerability from cvelistv5
Published
2023-03-07 01:31
Modified
2025-03-05 16:49
Severity ?
EPSS score ?
Summary
In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:08.106Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1632612109718192129", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-47456", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-05T16:48:47.415955Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-05T16:49:00.210Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-03-10T20:04:40.537Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1632612109718192129", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47456", datePublished: "2023-03-07T01:31:55.720Z", dateReserved: "2022-12-15T08:22:03.064Z", dateUpdated: "2025-03-05T16:49:00.210Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-30936
Vulnerability from cvelistv5
Published
2023-07-12 08:31
Modified
2024-12-04 15:17
Severity ?
EPSS score ?
Summary
In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T14:37:15.510Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-30936", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-12-04T15:16:44.953893Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-04T15:17:31.212Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-07-12T08:31:42.549Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2023-30936", datePublished: "2023-07-12T08:31:42.549Z", dateReserved: "2023-04-21T08:42:30.248Z", dateUpdated: "2024-12-04T15:17:31.212Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-42778
Vulnerability from cvelistv5
Published
2022-12-06 00:00
Modified
2024-08-03 13:19
Severity ?
EPSS score ?
Summary
In windows manager service, there is a missing permission check. This could lead to set up windows manager service with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android11 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T13:19:04.369Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android11", }, ], }, ], descriptions: [ { lang: "en", value: "In windows manager service, there is a missing permission check. This could lead to set up windows manager service with no additional execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-12-06T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-42778", datePublished: "2022-12-06T00:00:00", dateReserved: "2022-10-11T00:00:00", dateUpdated: "2024-08-03T13:19:04.369Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-33891
Vulnerability from cvelistv5
Published
2023-07-12 08:32
Modified
2024-12-04 16:41
Severity ?
EPSS score ?
Summary
In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T15:54:13.735Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-33891", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-12-04T16:40:42.812295Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-04T16:41:10.078Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-07-12T08:32:26.028Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2023-33891", datePublished: "2023-07-12T08:32:26.028Z", dateReserved: "2023-05-23T06:38:35.980Z", dateUpdated: "2024-12-04T16:41:10.078Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47370
Vulnerability from cvelistv5
Published
2023-02-06 05:28
Modified
2025-03-26 13:56
Severity ?
EPSS score ?
Summary
In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:06.970Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47370", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-26T13:56:18.627199Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-400", description: "CWE-400 Uncontrolled Resource Consumption", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-26T13:56:22.170Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-12T01:45:42.615Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47370", datePublished: "2023-02-06T05:28:04.461Z", dateReserved: "2022-12-13T05:23:52.528Z", dateUpdated: "2025-03-26T13:56:22.170Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47464
Vulnerability from cvelistv5
Published
2023-04-11 11:09
Modified
2025-02-10 17:25
Severity ?
EPSS score ?
Summary
In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:08.126Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1645429273135218690", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47464", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-02-10T17:18:02.899366Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-120", description: "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-02-10T17:25:55.725Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service.", }, ], providerMetadata: { dateUpdated: "2023-04-11T11:09:49.998Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1645429273135218690", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47464", datePublished: "2023-04-11T11:09:49.998Z", dateReserved: "2022-12-15T08:22:03.067Z", dateUpdated: "2025-02-10T17:25:55.725Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-30934
Vulnerability from cvelistv5
Published
2023-07-12 08:31
Modified
2024-12-04 15:19
Severity ?
EPSS score ?
Summary
In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T14:37:15.504Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-30934", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-12-04T15:18:58.519173Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-04T15:19:25.439Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-07-12T08:31:39.578Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2023-30934", datePublished: "2023-07-12T08:31:39.578Z", dateReserved: "2023-04-21T08:42:30.248Z", dateUpdated: "2024-12-04T15:19:25.439Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39118
Vulnerability from cvelistv5
Published
2023-01-04 00:00
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
In sprd_sysdump driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.637Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In sprd_sysdump driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-120", description: "CWE-120 Buffer Overflow", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-04T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-39118", datePublished: "2023-01-04T00:00:00", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.637Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-48382
Vulnerability from cvelistv5
Published
2023-05-09 01:21
Modified
2025-01-28 17:18
Severity ?
EPSS score ?
Summary
In log service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:10:59.795Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-48382", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-28T17:18:46.735387Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-28T17:18:51.256Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In log service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-05-09T01:21:26.379Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-48382", datePublished: "2023-05-09T01:21:26.379Z", dateReserved: "2023-03-13T02:25:04.699Z", dateUpdated: "2025-01-28T17:18:51.256Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39108
Vulnerability from cvelistv5
Published
2022-10-14 00:00
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
In Music service, there is a missing permission check. This could lead to elevation of privilege in Music service with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.312Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In Music service, there is a missing permission check. This could lead to elevation of privilege in Music service with no additional execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-10-14T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-39108", datePublished: "2022-10-14T00:00:00", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.312Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47329
Vulnerability from cvelistv5
Published
2023-02-06 05:27
Modified
2025-03-26 14:04
Severity ?
EPSS score ?
Summary
In wlan driver, there is a possible missing permission check. This could lead to local information disclosure.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:47:29.537Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.4, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47329", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-03-26T14:04:11.939547Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-200", description: "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-26T14:04:16.202Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In wlan driver, there is a possible missing permission check. This could lead to local information disclosure.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-12T01:45:42.615Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47329", datePublished: "2023-02-06T05:27:48.450Z", dateReserved: "2022-12-13T05:23:52.517Z", dateUpdated: "2025-03-26T14:04:16.202Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-48370
Vulnerability from cvelistv5
Published
2023-05-09 01:21
Modified
2025-01-28 18:06
Severity ?
EPSS score ?
Summary
In dialer service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:10:59.817Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2022-48370", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-28T18:06:48.516495Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-28T18:06:51.543Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In dialer service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges.", }, ], providerMetadata: { dateUpdated: "2023-05-09T01:21:11.754Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-48370", datePublished: "2023-05-09T01:21:11.754Z", dateReserved: "2023-03-13T02:25:04.698Z", dateUpdated: "2025-01-28T18:06:51.543Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-33880
Vulnerability from cvelistv5
Published
2023-07-12 08:32
Modified
2024-12-03 17:06
Severity ?
EPSS score ?
Summary
In music service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T15:54:13.355Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-33880", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-12-03T17:05:55.441253Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-03T17:06:11.254Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In music service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-07-12T08:32:09.446Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2023-33880", datePublished: "2023-07-12T08:32:09.446Z", dateReserved: "2023-05-23T06:38:35.978Z", dateUpdated: "2024-12-03T17:06:11.254Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47331
Vulnerability from cvelistv5
Published
2023-02-06 05:26
Modified
2025-03-26 13:45
Severity ?
EPSS score ?
Summary
In wlan driver, there is a race condition. This could lead to local denial of service in wlan services.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:47:29.533Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.7, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47331", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-26T13:44:13.814344Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-362", description: "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-26T13:45:10.181Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11", }, ], }, ], descriptions: [ { lang: "en", value: "In wlan driver, there is a race condition. This could lead to local denial of service in wlan services.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-12T01:45:42.615Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47331", datePublished: "2023-02-06T05:26:49.877Z", dateReserved: "2022-12-13T05:23:52.517Z", dateUpdated: "2025-03-26T13:45:10.181Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39102
Vulnerability from cvelistv5
Published
2022-12-06 00:00
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.457Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-04T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-39102", datePublished: "2022-12-06T00:00:00", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.457Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47334
Vulnerability from cvelistv5
Published
2023-05-09 01:21
Modified
2025-01-28 17:04
Severity ?
EPSS score ?
Summary
In phasecheck server, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:47:29.448Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47334", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-28T17:03:54.725051Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125 Out-of-bounds Read", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-28T17:04:00.253Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In phasecheck server, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-05-09T01:21:38.138Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47334", datePublished: "2023-05-09T01:21:38.138Z", dateReserved: "2022-12-13T05:23:52.518Z", dateUpdated: "2025-01-28T17:04:00.253Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-48235
Vulnerability from cvelistv5
Published
2023-05-09 01:20
Modified
2025-01-28 20:37
Severity ?
EPSS score ?
Summary
In MP3 encoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:10:59.415Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-48235", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-28T20:37:16.976287Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-28T20:37:21.716Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In MP3 encoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-05-09T01:20:50.506Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-48235", datePublished: "2023-05-09T01:20:50.506Z", dateReserved: "2023-01-09T11:51:07.072Z", dateUpdated: "2025-01-28T20:37:21.716Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39104
Vulnerability from cvelistv5
Published
2023-01-04 00:00
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
In contacts service, there is a missing permission check. This could lead to local denial of service in Contacts service with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.532Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In contacts service, there is a missing permission check. This could lead to local denial of service in Contacts service with no additional execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-04T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-39104", datePublished: "2023-01-04T00:00:00", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.532Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-48371
Vulnerability from cvelistv5
Published
2023-05-09 01:21
Modified
2025-01-28 18:06
Severity ?
EPSS score ?
Summary
In dialer service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:10:59.806Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2022-48371", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-28T18:06:07.489152Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-28T18:06:14.964Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In dialer service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges.", }, ], providerMetadata: { dateUpdated: "2023-05-09T01:21:12.835Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-48371", datePublished: "2023-05-09T01:21:12.835Z", dateReserved: "2023-03-13T02:25:04.698Z", dateUpdated: "2025-01-28T18:06:14.964Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47488
Vulnerability from cvelistv5
Published
2023-05-09 01:20
Modified
2025-01-28 21:22
Severity ?
EPSS score ?
Summary
In spipe drive, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:08.168Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47488", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-28T21:22:39.240813Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { description: "CWE-noinfo Not enough information", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-28T21:22:47.103Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In spipe drive, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-05-09T01:20:34.945Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47488", datePublished: "2023-05-09T01:20:34.945Z", dateReserved: "2022-12-15T08:22:03.072Z", dateUpdated: "2025-01-28T21:22:47.103Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-32788
Vulnerability from cvelistv5
Published
2023-07-12 08:32
Modified
2024-12-04 15:08
Severity ?
EPSS score ?
Summary
In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T15:25:36.999Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-32788", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-12-04T15:08:15.929488Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-04T15:08:32.377Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-07-12T08:32:04.753Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2023-32788", datePublished: "2023-07-12T08:32:04.753Z", dateReserved: "2023-05-15T06:02:25.373Z", dateUpdated: "2024-12-04T15:08:32.377Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-44421
Vulnerability from cvelistv5
Published
2023-02-06 05:27
Modified
2025-03-26 18:35
Severity ?
EPSS score ?
Summary
In wlan driver, there is a possible missing permission check. This could lead to local In wlan driver, information disclosure.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T13:54:03.433Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2022-44421", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-26T14:10:15.939600Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-26T18:35:48.797Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In wlan driver, there is a possible missing permission check. This could lead to local In wlan driver, information disclosure.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-12T01:45:42.615Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-44421", datePublished: "2023-02-06T05:27:54.381Z", dateReserved: "2022-10-31T01:03:52.585Z", dateUpdated: "2025-03-26T18:35:48.797Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-48448
Vulnerability from cvelistv5
Published
2023-06-06 05:13
Modified
2025-01-08 15:15
Severity ?
EPSS score ?
Summary
In telephony service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:10:59.824Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1664822361414762498", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-48448", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-08T15:14:40.409086Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-08T15:15:10.347Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In telephony service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.", }, ], providerMetadata: { dateUpdated: "2023-06-06T05:13:08.952Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1664822361414762498", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-48448", datePublished: "2023-06-06T05:13:08.952Z", dateReserved: "2023-04-13T02:35:16.241Z", dateUpdated: "2025-01-08T15:15:10.347Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39092
Vulnerability from cvelistv5
Published
2022-12-06 00:00
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.486Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-12-06T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-39092", datePublished: "2022-12-06T00:00:00", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.486Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47330
Vulnerability from cvelistv5
Published
2023-02-06 05:27
Modified
2025-03-26 18:49
Severity ?
EPSS score ?
Summary
In wlan driver, there is a possible missing permission check. This could lead to local information disclosure.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:47:29.423Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47330", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-26T14:12:51.631445Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-26T18:49:11.600Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In wlan driver, there is a possible missing permission check. This could lead to local information disclosure.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-12T01:45:42.615Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47330", datePublished: "2023-02-06T05:27:49.399Z", dateReserved: "2022-12-13T05:23:52.517Z", dateUpdated: "2025-03-26T18:49:11.600Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47328
Vulnerability from cvelistv5
Published
2023-02-06 05:27
Modified
2025-03-26 14:05
Severity ?
EPSS score ?
Summary
In wlan driver, there is a possible missing permission check. This could lead to local information disclosure.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:47:29.523Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.4, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47328", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-03-26T14:05:06.535104Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-200", description: "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-26T14:05:11.913Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In wlan driver, there is a possible missing permission check. This could lead to local information disclosure.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-12T01:45:42.615Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47328", datePublished: "2023-02-06T05:27:47.489Z", dateReserved: "2022-12-13T05:23:52.517Z", dateUpdated: "2025-03-26T14:05:11.913Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-38675
Vulnerability from cvelistv5
Published
2023-02-06 05:27
Modified
2025-03-26 13:25
Severity ?
EPSS score ?
Summary
In gpu driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:02:14.435Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-38675", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-26T13:24:45.000910Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-26T13:25:26.725Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In gpu driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-12T01:45:42.615Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-38675", datePublished: "2023-02-06T05:27:29.217Z", dateReserved: "2022-08-22T20:17:27.591Z", dateUpdated: "2025-03-26T13:25:26.725Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-30935
Vulnerability from cvelistv5
Published
2023-07-12 08:31
Modified
2024-12-04 15:18
Severity ?
EPSS score ?
Summary
In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T14:37:15.500Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-30935", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-12-04T15:18:07.477617Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-04T15:18:18.906Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-07-12T08:31:40.534Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2023-30935", datePublished: "2023-07-12T08:31:40.534Z", dateReserved: "2023-04-21T08:42:30.248Z", dateUpdated: "2024-12-04T15:18:18.906Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47360
Vulnerability from cvelistv5
Published
2023-02-06 05:27
Modified
2025-03-26 13:29
Severity ?
EPSS score ?
Summary
In log service, there is a missing permission check. This could lead to local denial of service in log service.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:06.885Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47360", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-26T13:27:47.660881Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-26T13:29:56.981Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In log service, there is a missing permission check. This could lead to local denial of service in log service.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-12T01:45:42.615Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47360", datePublished: "2023-02-06T05:27:27.298Z", dateReserved: "2022-12-13T05:23:52.524Z", dateUpdated: "2025-03-26T13:29:56.981Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-30929
Vulnerability from cvelistv5
Published
2023-07-12 08:31
Modified
2024-12-04 16:39
Severity ?
EPSS score ?
Summary
In telephony service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T14:37:15.551Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-30929", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-12-04T16:38:42.930274Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-04T16:39:10.354Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In telephony service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.", }, ], providerMetadata: { dateUpdated: "2023-07-12T08:31:27.914Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2023-30929", datePublished: "2023-07-12T08:31:27.914Z", dateReserved: "2023-04-21T08:42:30.247Z", dateUpdated: "2024-12-04T16:39:10.354Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-44428
Vulnerability from cvelistv5
Published
2023-01-04 00:00
Modified
2024-08-03 13:54
Severity ?
EPSS score ?
Summary
In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T13:54:03.644Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-122", description: "cwe-122 Heap Overflow", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-04T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-44428", datePublished: "2023-01-04T00:00:00", dateReserved: "2022-10-31T00:00:00", dateUpdated: "2024-08-03T13:54:03.644Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-48376
Vulnerability from cvelistv5
Published
2023-05-09 01:21
Modified
2025-01-28 17:51
Severity ?
EPSS score ?
Summary
In dialer service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:10:59.815Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-48376", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-28T17:51:36.611938Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-28T17:51:51.777Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In dialer service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.", }, ], providerMetadata: { dateUpdated: "2023-05-09T01:21:18.302Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-48376", datePublished: "2023-05-09T01:21:18.302Z", dateReserved: "2023-03-13T02:25:04.698Z", dateUpdated: "2025-01-28T17:51:51.777Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-42777
Vulnerability from cvelistv5
Published
2022-12-06 00:00
Modified
2024-08-03 13:19
Severity ?
EPSS score ?
Summary
In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T13:19:03.863Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-04T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-42777", datePublished: "2022-12-06T00:00:00", dateReserved: "2022-10-11T00:00:00", dateUpdated: "2024-08-03T13:19:03.863Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-48250
Vulnerability from cvelistv5
Published
2023-05-09 01:21
Modified
2025-01-28 19:27
Severity ?
EPSS score ?
Summary
In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:10:59.640Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-48250", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-01-28T19:27:17.871632Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-28T19:27:21.750Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.", }, ], providerMetadata: { dateUpdated: "2023-05-09T01:21:08.585Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-48250", datePublished: "2023-05-09T01:21:08.585Z", dateReserved: "2023-01-09T11:55:29.290Z", dateUpdated: "2025-01-28T19:27:21.750Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-48374
Vulnerability from cvelistv5
Published
2023-05-09 01:21
Modified
2025-01-28 17:53
Severity ?
EPSS score ?
Summary
In tee service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:10:59.816Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-48374", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-28T17:53:40.289951Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-28T17:53:44.118Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In tee service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-05-09T01:21:16.079Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-48374", datePublished: "2023-05-09T01:21:16.079Z", dateReserved: "2023-03-13T02:25:04.698Z", dateUpdated: "2025-01-28T17:53:44.118Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-33881
Vulnerability from cvelistv5
Published
2023-07-12 08:32
Modified
2024-12-03 17:05
Severity ?
EPSS score ?
Summary
In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T15:54:13.430Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-33881", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-12-03T17:05:10.778538Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-03T17:05:24.466Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-07-12T08:32:10.428Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2023-33881", datePublished: "2023-07-12T08:32:10.428Z", dateReserved: "2023-05-23T06:38:35.978Z", dateUpdated: "2024-12-03T17:05:24.466Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-44443
Vulnerability from cvelistv5
Published
2023-01-04 00:00
Modified
2024-08-03 13:54
Severity ?
EPSS score ?
Summary
In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T13:54:03.594Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-126", description: "CWE-126 Buffer Over-read", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-04T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-44443", datePublished: "2023-01-04T00:00:00", dateReserved: "2022-10-31T00:00:00", dateUpdated: "2024-08-03T13:54:03.594Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47474
Vulnerability from cvelistv5
Published
2023-03-07 01:31
Modified
2025-03-06 16:18
Severity ?
EPSS score ?
Summary
In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:08.119Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1632612109718192129", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47474", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-06T16:18:38.979602Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-06T16:18:48.248Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11", }, ], }, ], descriptions: [ { lang: "en", value: "In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-03-10T20:04:40.537Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1632612109718192129", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47474", datePublished: "2023-03-07T01:31:34.183Z", dateReserved: "2022-12-15T08:22:03.069Z", dateUpdated: "2025-03-06T16:18:48.248Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-44425
Vulnerability from cvelistv5
Published
2023-01-04 00:00
Modified
2024-08-03 13:54
Severity ?
EPSS score ?
Summary
In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T13:54:03.391Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-190", description: "cwe-190 Integer Overflow", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-04T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-44425", datePublished: "2023-01-04T00:00:00", dateReserved: "2022-10-31T00:00:00", dateUpdated: "2024-08-03T13:54:03.391Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47471
Vulnerability from cvelistv5
Published
2023-03-07 01:31
Modified
2025-03-05 17:22
Severity ?
EPSS score ?
Summary
In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:08.292Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1632612109718192129", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47471", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-05T17:22:30.873610Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-05T17:22:34.235Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11", }, ], }, ], descriptions: [ { lang: "en", value: "In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-03-10T20:04:40.537Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1632612109718192129", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47471", datePublished: "2023-03-07T01:31:33.233Z", dateReserved: "2022-12-15T08:22:03.068Z", dateUpdated: "2025-03-05T17:22:34.235Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-33887
Vulnerability from cvelistv5
Published
2023-07-12 08:32
Modified
2024-12-03 16:57
Severity ?
EPSS score ?
Summary
In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T15:54:13.355Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-33887", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-12-03T16:57:16.232828Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-03T16:57:37.608Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-07-12T08:32:20.228Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2023-33887", datePublished: "2023-07-12T08:32:20.228Z", dateReserved: "2023-05-23T06:38:35.980Z", dateUpdated: "2024-12-03T16:57:37.608Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39109
Vulnerability from cvelistv5
Published
2022-10-14 00:00
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
In Music service, there is a missing permission check. This could lead to elevation of privilege in Music service with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.465Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11", }, ], }, ], descriptions: [ { lang: "en", value: "In Music service, there is a missing permission check. This could lead to elevation of privilege in Music service with no additional execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-10-14T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-39109", datePublished: "2022-10-14T00:00:00", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.465Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-48390
Vulnerability from cvelistv5
Published
2023-06-06 05:12
Modified
2025-01-07 20:56
Severity ?
EPSS score ?
Summary
In telephony service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:10:59.907Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1664822361414762498", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-48390", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-07T20:56:12.959101Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-07T20:56:20.868Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In telephony service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.", }, ], providerMetadata: { dateUpdated: "2023-06-06T05:12:56.627Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1664822361414762498", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-48390", datePublished: "2023-06-06T05:12:56.627Z", dateReserved: "2023-03-13T02:25:04.700Z", dateUpdated: "2025-01-07T20:56:20.868Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-44430
Vulnerability from cvelistv5
Published
2023-01-04 00:00
Modified
2024-08-03 13:54
Severity ?
EPSS score ?
Summary
In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T13:54:03.734Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-122", description: "cwe-122 Heap Overflow", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-04T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-44430", datePublished: "2023-01-04T00:00:00", dateReserved: "2022-10-31T00:00:00", dateUpdated: "2024-08-03T13:54:03.734Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-2984
Vulnerability from cvelistv5
Published
2022-10-14 00:00
Modified
2024-08-03 00:53
Severity ?
EPSS score ?
Summary
In jpg driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T00:53:00.678Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In jpg driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-10-14T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-2984", datePublished: "2022-10-14T00:00:00", dateReserved: "2022-08-25T00:00:00", dateUpdated: "2024-08-03T00:53:00.678Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-33886
Vulnerability from cvelistv5
Published
2023-07-12 08:32
Modified
2024-12-03 17:00
Severity ?
EPSS score ?
Summary
In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T15:54:13.418Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-33886", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-12-03T16:59:39.539926Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-03T17:00:48.486Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-07-12T08:32:18.987Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2023-33886", datePublished: "2023-07-12T08:32:18.987Z", dateReserved: "2023-05-23T06:38:35.980Z", dateUpdated: "2024-12-03T17:00:48.486Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47341
Vulnerability from cvelistv5
Published
2023-02-06 05:26
Modified
2025-03-26 13:43
Severity ?
EPSS score ?
Summary
In engineermode services, there is a missing permission check. This could lead to local escalation of privilege with system execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:47:29.529Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47341", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-03-26T13:42:30.264206Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-26T13:43:34.468Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11", }, ], }, ], descriptions: [ { lang: "en", value: "In engineermode services, there is a missing permission check. This could lead to local escalation of privilege with system execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-12T01:45:42.615Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47341", datePublished: "2023-02-06T05:26:50.823Z", dateReserved: "2022-12-13T05:23:52.519Z", dateUpdated: "2025-03-26T13:43:34.468Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-38676
Vulnerability from cvelistv5
Published
2022-10-14 00:00
Modified
2024-08-03 11:02
Severity ?
EPSS score ?
Summary
In gpu driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:02:14.379Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In gpu driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-10-14T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-38676", datePublished: "2022-10-14T00:00:00", dateReserved: "2022-08-22T00:00:00", dateUpdated: "2024-08-03T11:02:14.379Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-33882
Vulnerability from cvelistv5
Published
2023-07-12 08:32
Modified
2024-12-03 17:04
Severity ?
EPSS score ?
Summary
In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T15:54:13.428Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-33882", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-12-03T17:03:56.783852Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-03T17:04:07.624Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-07-12T08:32:12.419Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2023-33882", datePublished: "2023-07-12T08:32:12.419Z", dateReserved: "2023-05-23T06:38:35.978Z", dateUpdated: "2024-12-03T17:04:07.624Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-48392
Vulnerability from cvelistv5
Published
2023-06-06 05:12
Modified
2025-01-08 15:21
Severity ?
EPSS score ?
Summary
In dialer service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:10:59.821Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1664822361414762498", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-48392", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-01-08T15:21:05.771864Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-08T15:21:10.882Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In dialer service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.", }, ], providerMetadata: { dateUpdated: "2023-06-06T05:12:58.543Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1664822361414762498", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-48392", datePublished: "2023-06-06T05:12:58.543Z", dateReserved: "2023-03-13T02:25:04.700Z", dateUpdated: "2025-01-08T15:21:10.882Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47458
Vulnerability from cvelistv5
Published
2023-03-07 01:32
Modified
2025-03-05 16:43
Severity ?
EPSS score ?
Summary
In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:08.144Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1632612109718192129", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47458", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-05T16:42:04.286093Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125 Out-of-bounds Read", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-05T16:43:28.825Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-03-10T20:04:40.537Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1632612109718192129", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47458", datePublished: "2023-03-07T01:32:06.617Z", dateReserved: "2022-12-15T08:22:03.065Z", dateUpdated: "2025-03-05T16:43:28.825Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-44438
Vulnerability from cvelistv5
Published
2023-01-04 00:00
Modified
2024-08-03 13:54
Severity ?
EPSS score ?
Summary
In messaging service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T13:54:03.665Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In messaging service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-04T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-44438", datePublished: "2023-01-04T00:00:00", dateReserved: "2022-10-31T00:00:00", dateUpdated: "2024-08-03T13:54:03.665Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-48368
Vulnerability from cvelistv5
Published
2023-05-09 01:21
Modified
2025-01-28 19:26
Severity ?
EPSS score ?
Summary
In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:10:59.766Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-48368", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-01-28T19:26:33.545955Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-28T19:26:37.048Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.", }, ], providerMetadata: { dateUpdated: "2023-05-09T01:21:09.635Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-48368", datePublished: "2023-05-09T01:21:09.635Z", dateReserved: "2023-03-13T02:25:04.697Z", dateUpdated: "2025-01-28T19:26:37.048Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39129
Vulnerability from cvelistv5
Published
2022-12-06 00:00
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
In face detect driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.525Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In face detect driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-121", description: "CWE-121 Stack-based Buffer Overflow", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-12-06T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-39129", datePublished: "2022-12-06T00:00:00", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.525Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-30922
Vulnerability from cvelistv5
Published
2023-07-12 08:31
Modified
2024-12-04 15:38
Severity ?
EPSS score ?
Summary
In messaging service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T14:37:15.526Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-30922", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-12-04T15:37:51.739732Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-04T15:38:40.618Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In messaging service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-07-12T08:31:15.431Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2023-30922", datePublished: "2023-07-12T08:31:15.431Z", dateReserved: "2023-04-21T08:42:30.246Z", dateUpdated: "2024-12-04T15:38:40.618Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39131
Vulnerability from cvelistv5
Published
2022-12-06 00:00
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
In camera driver, there is a possible memory corruption due to improper locking. This could lead to local denial of service in kernel.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.443Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In camera driver, there is a possible memory corruption due to improper locking. This could lead to local denial of service in kernel.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-119", description: "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-12-06T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-39131", datePublished: "2022-12-06T00:00:00", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.443Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-44436
Vulnerability from cvelistv5
Published
2023-01-04 00:00
Modified
2024-08-03 13:54
Severity ?
EPSS score ?
Summary
In messaging service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T13:54:03.937Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In messaging service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-04T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-44436", datePublished: "2023-01-04T00:00:00", dateReserved: "2022-10-31T00:00:00", dateUpdated: "2024-08-03T13:54:03.937Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47371
Vulnerability from cvelistv5
Published
2023-02-06 05:28
Modified
2025-03-26 13:52
Severity ?
EPSS score ?
Summary
In bt driver, there is a thread competition leads to early release of resources to be accessed. This could lead to local denial of service in kernel.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:07.885Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47371", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-26T13:52:29.546800Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-416", description: "CWE-416 Use After Free", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-26T13:52:35.454Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In bt driver, there is a thread competition leads to early release of resources to be accessed. This could lead to local denial of service in kernel.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-12T01:45:42.615Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47371", datePublished: "2023-02-06T05:28:05.408Z", dateReserved: "2022-12-13T05:23:52.528Z", dateUpdated: "2025-03-26T13:52:35.454Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47480
Vulnerability from cvelistv5
Published
2023-03-07 01:31
Modified
2025-03-05 21:12
Severity ?
EPSS score ?
Summary
In telephony service, there is a missing permission check. This could lead to local denial of service in telephone service with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:08.128Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1632612109718192129", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47480", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-05T21:11:35.085449Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-05T21:12:02.964Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10", }, ], }, ], descriptions: [ { lang: "en", value: "In telephony service, there is a missing permission check. This could lead to local denial of service in telephone service with no additional execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-03-10T20:04:40.537Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1632612109718192129", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47480", datePublished: "2023-03-07T01:31:46.367Z", dateReserved: "2022-12-15T08:22:03.070Z", dateUpdated: "2025-03-05T21:12:02.964Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47498
Vulnerability from cvelistv5
Published
2023-05-09 01:20
Modified
2025-01-28 20:40
Severity ?
EPSS score ?
Summary
In soter service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:08.387Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47498", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-28T20:39:51.983622Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-120", description: "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-28T20:40:16.004Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In soter service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-05-09T01:20:48.403Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47498", datePublished: "2023-05-09T01:20:48.403Z", dateReserved: "2022-12-15T08:22:03.075Z", dateUpdated: "2025-01-28T20:40:16.004Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-30928
Vulnerability from cvelistv5
Published
2023-07-12 08:31
Modified
2024-12-04 16:30
Severity ?
EPSS score ?
Summary
In telephony service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T14:37:15.507Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-30928", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-12-04T16:29:47.136444Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-04T16:30:03.945Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In telephony service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.", }, ], providerMetadata: { dateUpdated: "2023-07-12T08:31:26.977Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2023-30928", datePublished: "2023-07-12T08:31:26.977Z", dateReserved: "2023-04-21T08:42:30.247Z", dateUpdated: "2024-12-04T16:30:03.945Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47465
Vulnerability from cvelistv5
Published
2023-04-11 11:09
Modified
2025-02-11 20:07
Severity ?
EPSS score ?
Summary
In vdsp service, there is a missing permission check. This could lead to local denial of service in vdsp service.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:08.092Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1645429273135218690", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47465", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-02-10T16:09:33.169878Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-476", description: "CWE-476 NULL Pointer Dereference", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-02-11T20:07:28.052Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In vdsp service, there is a missing permission check. This could lead to local denial of service in vdsp service.", }, ], providerMetadata: { dateUpdated: "2023-04-11T11:09:51.189Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1645429273135218690", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47465", datePublished: "2023-04-11T11:09:51.189Z", dateReserved: "2022-12-15T08:22:03.067Z", dateUpdated: "2025-02-11T20:07:28.052Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39115
Vulnerability from cvelistv5
Published
2022-10-14 00:00
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
In Music service, there is a missing permission check. This could lead to local denial of service in Music service with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.325Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11", }, ], }, ], descriptions: [ { lang: "en", value: "In Music service, there is a missing permission check. This could lead to local denial of service in Music service with no additional execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-10-14T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-39115", datePublished: "2022-10-14T00:00:00", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.325Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-30921
Vulnerability from cvelistv5
Published
2023-07-12 08:31
Modified
2024-12-04 15:43
Severity ?
EPSS score ?
Summary
In messaging service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T14:37:15.502Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-30921", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-12-04T15:43:40.939876Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-04T15:43:53.771Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In messaging service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-07-12T08:31:12.760Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2023-30921", datePublished: "2023-07-12T08:31:12.760Z", dateReserved: "2023-04-21T08:42:30.246Z", dateUpdated: "2024-12-04T15:43:53.771Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39127
Vulnerability from cvelistv5
Published
2022-10-14 00:00
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.558Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-400", description: "CWE-400 Uncontrolled Resource Consumption", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-10-14T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-39127", datePublished: "2022-10-14T00:00:00", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.558Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47336
Vulnerability from cvelistv5
Published
2023-04-11 11:09
Modified
2025-02-10 19:21
Severity ?
EPSS score ?
Summary
In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:47:29.444Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1645429273135218690", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47336", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-02-10T19:20:57.295352Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-120", description: "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-02-10T19:21:01.931Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service.", }, ], providerMetadata: { dateUpdated: "2023-04-11T11:09:43.390Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1645429273135218690", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47336", datePublished: "2023-04-11T11:09:43.390Z", dateReserved: "2022-12-13T05:23:52.518Z", dateUpdated: "2025-02-10T19:21:01.931Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47468
Vulnerability from cvelistv5
Published
2023-04-11 11:09
Modified
2025-02-10 19:07
Severity ?
EPSS score ?
Summary
In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:08.056Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1645429273135218690", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47468", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-02-10T19:07:17.400941Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-476", description: "CWE-476 NULL Pointer Dereference", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-02-10T19:07:23.281Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11", }, ], }, ], descriptions: [ { lang: "en", value: "In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service.", }, ], providerMetadata: { dateUpdated: "2023-04-11T11:09:54.820Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1645429273135218690", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47468", datePublished: "2023-04-11T11:09:54.820Z", dateReserved: "2022-12-15T08:22:03.068Z", dateUpdated: "2025-02-10T19:07:23.281Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47335
Vulnerability from cvelistv5
Published
2023-04-11 11:09
Modified
2025-02-10 19:24
Severity ?
EPSS score ?
Summary
In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:47:29.474Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1645429273135218690", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47335", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-02-10T19:23:56.853329Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-120", description: "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-02-10T19:24:04.047Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service.", }, ], providerMetadata: { dateUpdated: "2023-04-11T11:09:42.407Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1645429273135218690", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47335", datePublished: "2023-04-11T11:09:42.407Z", dateReserved: "2022-12-13T05:23:52.518Z", dateUpdated: "2025-02-10T19:24:04.047Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-48238
Vulnerability from cvelistv5
Published
2023-05-09 01:20
Modified
2025-01-28 20:33
Severity ?
EPSS score ?
Summary
In Image filter, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:10:59.628Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-48238", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-28T20:33:42.571277Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-28T20:33:46.051Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In Image filter, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-05-09T01:20:54.059Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-48238", datePublished: "2023-05-09T01:20:54.059Z", dateReserved: "2023-01-09T11:51:07.072Z", dateUpdated: "2025-01-28T20:33:46.051Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39096
Vulnerability from cvelistv5
Published
2022-12-06 00:00
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.390Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-04T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-39096", datePublished: "2022-12-06T00:00:00", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.390Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39114
Vulnerability from cvelistv5
Published
2022-10-14 00:00
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
In Music service, there is a missing permission check. This could lead to local denial of service in Music service with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.562Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11", }, ], }, ], descriptions: [ { lang: "en", value: "In Music service, there is a missing permission check. This could lead to local denial of service in Music service with no additional execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-10-14T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-39114", datePublished: "2022-10-14T00:00:00", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.562Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47475
Vulnerability from cvelistv5
Published
2023-03-07 01:31
Modified
2025-03-06 16:17
Severity ?
EPSS score ?
Summary
In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:08.330Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1632612109718192129", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47475", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-06T16:17:12.600819Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-06T16:17:20.962Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11", }, ], }, ], descriptions: [ { lang: "en", value: "In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-03-10T20:04:40.537Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1632612109718192129", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47475", datePublished: "2023-03-07T01:31:35.628Z", dateReserved: "2022-12-15T08:22:03.069Z", dateUpdated: "2025-03-06T16:17:20.962Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47332
Vulnerability from cvelistv5
Published
2023-02-06 05:27
Modified
2025-03-26 18:49
Severity ?
EPSS score ?
Summary
In wlan driver, there is a possible missing permission check. This could lead to local information disclosure.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:47:29.529Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47332", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-26T14:12:03.173433Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-26T18:49:59.956Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In wlan driver, there is a possible missing permission check. This could lead to local information disclosure.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-12T01:45:42.615Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47332", datePublished: "2023-02-06T05:27:51.564Z", dateReserved: "2022-12-13T05:23:52.517Z", dateUpdated: "2025-03-26T18:49:59.956Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-2985
Vulnerability from cvelistv5
Published
2022-10-14 00:00
Modified
2024-08-03 00:53
Severity ?
EPSS score ?
Summary
In music service, there is a missing permission check. This could lead to elevation of privilege in contacts service with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T00:53:00.685Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11", }, ], }, ], descriptions: [ { lang: "en", value: "In music service, there is a missing permission check. This could lead to elevation of privilege in contacts service with no additional execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-10-14T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-2985", datePublished: "2022-10-14T00:00:00", dateReserved: "2022-08-25T00:00:00", dateUpdated: "2024-08-03T00:53:00.685Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47469
Vulnerability from cvelistv5
Published
2023-05-09 01:20
Modified
2025-01-28 20:45
Severity ?
EPSS score ?
Summary
In ext4fsfilter driver, there is a possible out of bounds read due to a missing bounds check. This could local denial of service with System execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:08.377Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47469", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-28T20:45:19.123653Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-28T20:45:23.243Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11", }, ], }, ], descriptions: [ { lang: "en", value: "In ext4fsfilter driver, there is a possible out of bounds read due to a missing bounds check. This could local denial of service with System execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-05-09T01:20:30.308Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47469", datePublished: "2023-05-09T01:20:30.308Z", dateReserved: "2022-12-15T08:22:03.068Z", dateUpdated: "2025-01-28T20:45:23.243Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-44426
Vulnerability from cvelistv5
Published
2023-01-04 00:00
Modified
2024-08-03 13:54
Severity ?
EPSS score ?
Summary
In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T13:54:03.666Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-190", description: "cwe-190 Integer Overflow", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-04T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-44426", datePublished: "2023-01-04T00:00:00", dateReserved: "2022-10-31T00:00:00", dateUpdated: "2024-08-03T13:54:03.666Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47477
Vulnerability from cvelistv5
Published
2023-03-07 01:31
Modified
2025-03-06 16:15
Severity ?
EPSS score ?
Summary
In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:08.098Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1632612109718192129", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47477", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-06T16:15:29.723587Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-06T16:15:35.934Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11", }, ], }, ], descriptions: [ { lang: "en", value: "In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-03-10T20:04:40.537Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1632612109718192129", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47477", datePublished: "2023-03-07T01:31:40.527Z", dateReserved: "2022-12-15T08:22:03.070Z", dateUpdated: "2025-03-06T16:15:35.934Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-44447
Vulnerability from cvelistv5
Published
2023-02-06 05:27
Modified
2025-03-26 14:01
Severity ?
EPSS score ?
Summary
In wlan driver, there is a possible null pointer dereference issue due to a missing bounds check. This could lead to local denial of service in wlan services.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T13:54:03.786Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-44447", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-26T14:01:11.367285Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-476", description: "CWE-476 NULL Pointer Dereference", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-26T14:01:15.694Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In wlan driver, there is a possible null pointer dereference issue due to a missing bounds check. This could lead to local denial of service in wlan services.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-12T01:45:42.615Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-44447", datePublished: "2023-02-06T05:27:55.591Z", dateReserved: "2022-10-31T01:03:52.589Z", dateUpdated: "2025-03-26T14:01:15.694Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47459
Vulnerability from cvelistv5
Published
2023-03-07 01:32
Modified
2025-03-05 16:46
Severity ?
EPSS score ?
Summary
In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:08.099Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1632612109718192129", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-47459", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-05T16:46:33.369135Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-05T16:46:52.106Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11", }, ], }, ], descriptions: [ { lang: "en", value: "In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-03-10T20:04:40.537Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1632612109718192129", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47459", datePublished: "2023-03-07T01:32:10.617Z", dateReserved: "2022-12-15T08:22:03.065Z", dateUpdated: "2025-03-05T16:46:52.106Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-33884
Vulnerability from cvelistv5
Published
2023-07-12 08:32
Modified
2024-12-03 17:02
Severity ?
EPSS score ?
Summary
In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T15:54:13.781Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-33884", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-12-03T17:02:31.003147Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-03T17:02:44.108Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-07-12T08:32:16.759Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2023-33884", datePublished: "2023-07-12T08:32:16.759Z", dateReserved: "2023-05-23T06:38:35.979Z", dateUpdated: "2024-12-03T17:02:44.108Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-44442
Vulnerability from cvelistv5
Published
2023-01-04 00:00
Modified
2024-08-03 13:54
Severity ?
EPSS score ?
Summary
In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T13:54:03.545Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125 Out-of-bounds Read", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-04T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-44442", datePublished: "2023-01-04T00:00:00", dateReserved: "2022-10-31T00:00:00", dateUpdated: "2024-08-03T13:54:03.545Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-33902
Vulnerability from cvelistv5
Published
2023-07-12 08:32
Modified
2024-08-02 15:54
Severity ?
EPSS score ?
Summary
In bluetooth service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T15:54:13.384Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In bluetooth service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-07-12T08:32:38.316Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2023-33902", datePublished: "2023-07-12T08:32:38.316Z", dateReserved: "2023-05-23T06:51:01.535Z", dateUpdated: "2024-08-02T15:54:13.384Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47497
Vulnerability from cvelistv5
Published
2023-05-09 01:20
Modified
2025-01-28 20:41
Severity ?
EPSS score ?
Summary
In soter service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:08.327Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47497", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-28T20:40:46.705562Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-120", description: "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-28T20:41:00.980Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In soter service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-05-09T01:20:47.368Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47497", datePublished: "2023-05-09T01:20:47.368Z", dateReserved: "2022-12-15T08:22:03.075Z", dateUpdated: "2025-01-28T20:41:00.980Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-33905
Vulnerability from cvelistv5
Published
2023-07-12 08:32
Modified
2024-11-27 15:46
Severity ?
EPSS score ?
Summary
In iwnpi server, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T15:54:13.675Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2023-33905", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-27T15:44:06.649896Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-11-27T15:46:23.585Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In iwnpi server, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-07-12T08:32:43.939Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2023-33905", datePublished: "2023-07-12T08:32:43.939Z", dateReserved: "2023-05-23T06:51:01.536Z", dateUpdated: "2024-11-27T15:46:23.585Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39088
Vulnerability from cvelistv5
Published
2023-01-04 00:00
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
In network service, there is a missing permission check. This could lead to local escalation of privilege with System execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.484Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In network service, there is a missing permission check. This could lead to local escalation of privilege with System execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-77", description: "CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-04T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-39088", datePublished: "2023-01-04T00:00:00", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.484Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47467
Vulnerability from cvelistv5
Published
2023-04-11 11:09
Modified
2025-02-10 19:08
Severity ?
EPSS score ?
Summary
In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:08.128Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1645429273135218690", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47467", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-02-10T19:08:48.456002Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-476", description: "CWE-476 NULL Pointer Dereference", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-02-10T19:08:54.055Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11", }, ], }, ], descriptions: [ { lang: "en", value: "In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service.", }, ], providerMetadata: { dateUpdated: "2023-04-11T11:09:53.832Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1645429273135218690", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47467", datePublished: "2023-04-11T11:09:53.832Z", dateReserved: "2022-12-15T08:22:03.068Z", dateUpdated: "2025-02-10T19:08:54.055Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39128
Vulnerability from cvelistv5
Published
2022-10-14 00:00
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.599Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-400", description: "CWE-400 Uncontrolled Resource Consumption", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-10-14T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-39128", datePublished: "2022-10-14T00:00:00", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.599Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-48380
Vulnerability from cvelistv5
Published
2023-05-09 01:21
Modified
2025-01-28 17:21
Severity ?
EPSS score ?
Summary
In modem control device, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:10:59.838Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-48380", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-28T17:20:59.847551Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-28T17:21:04.359Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10", }, ], }, ], descriptions: [ { lang: "en", value: "In modem control device, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-05-09T01:21:24.031Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-48380", datePublished: "2023-05-09T01:21:24.031Z", dateReserved: "2023-03-13T02:25:04.699Z", dateUpdated: "2025-01-28T17:21:04.359Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-48439
Vulnerability from cvelistv5
Published
2023-06-06 05:13
Modified
2025-01-07 20:49
Severity ?
EPSS score ?
Summary
In cp_dump driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:10:59.856Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1664822361414762498", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2022-48439", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-07T20:49:22.707599Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-120", description: "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-07T20:49:29.922Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In cp_dump driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-06-06T05:13:00.524Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1664822361414762498", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-48439", datePublished: "2023-06-06T05:13:00.524Z", dateReserved: "2023-04-13T02:35:16.239Z", dateUpdated: "2025-01-07T20:49:29.922Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47462
Vulnerability from cvelistv5
Published
2023-03-07 01:31
Modified
2025-03-05 16:57
Severity ?
EPSS score ?
Summary
In telephone service, there is a missing permission check. This could lead to local escalation of privilege with system execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:08.112Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1632612109718192129", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-47462", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-03-05T16:56:56.828576Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-05T16:57:09.945Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10", }, ], }, ], descriptions: [ { lang: "en", value: "In telephone service, there is a missing permission check. This could lead to local escalation of privilege with system execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-03-10T20:04:40.537Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1632612109718192129", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47462", datePublished: "2023-03-07T01:31:26.415Z", dateReserved: "2022-12-15T08:22:03.066Z", dateUpdated: "2025-03-05T16:57:09.945Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-48387
Vulnerability from cvelistv5
Published
2023-05-09 01:21
Modified
2025-01-28 17:09
Severity ?
EPSS score ?
Summary
the apipe driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:10:59.757Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-48387", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-28T17:09:33.654206Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-28T17:09:43.695Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "the apipe driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-05-09T01:21:31.816Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-48387", datePublished: "2023-05-09T01:21:31.816Z", dateReserved: "2023-03-13T02:25:04.700Z", dateUpdated: "2025-01-28T17:09:43.695Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47325
Vulnerability from cvelistv5
Published
2023-02-06 05:27
Modified
2025-03-26 14:09
Severity ?
EPSS score ?
Summary
In wlan driver, there is a possible missing permission check. This could lead to local information disclosure.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:47:29.471Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.4, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47325", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-03-26T14:09:13.682644Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-200", description: "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-26T14:09:17.063Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In wlan driver, there is a possible missing permission check. This could lead to local information disclosure.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-12T01:45:42.615Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47325", datePublished: "2023-02-06T05:27:44.418Z", dateReserved: "2022-12-13T05:23:52.516Z", dateUpdated: "2025-03-26T14:09:17.063Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47363
Vulnerability from cvelistv5
Published
2023-02-06 05:27
Modified
2025-03-26 14:22
Severity ?
EPSS score ?
Summary
In wlan driver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service in wlan services.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:07.941Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 5.7, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47363", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-26T14:22:01.116769Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125 Out-of-bounds Read", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-26T14:22:04.239Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In wlan driver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service in wlan services.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-12T01:45:42.615Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47363", datePublished: "2023-02-06T05:27:56.529Z", dateReserved: "2022-12-13T05:23:52.525Z", dateUpdated: "2025-03-26T14:22:04.239Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-42783
Vulnerability from cvelistv5
Published
2023-02-06 05:27
Modified
2025-03-26 14:23
Severity ?
EPSS score ?
Summary
In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T13:19:04.418Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.4, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-42783", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-03-26T14:23:21.251762Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-122", description: "CWE-122 Heap-based Buffer Overflow", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-26T14:23:26.844Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-12T01:45:42.615Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-42783", datePublished: "2023-02-06T05:27:38.699Z", dateReserved: "2022-10-11T02:13:03.220Z", dateUpdated: "2025-03-26T14:23:26.844Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-33898
Vulnerability from cvelistv5
Published
2023-07-12 08:31
Modified
2024-12-03 17:12
Severity ?
EPSS score ?
Summary
In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T15:54:13.424Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-33898", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-12-03T17:11:52.131529Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-03T17:12:11.525Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-07-12T08:31:58.025Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2023-33898", datePublished: "2023-07-12T08:31:58.025Z", dateReserved: "2023-05-23T06:38:35.981Z", dateUpdated: "2024-12-03T17:12:11.525Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-44424
Vulnerability from cvelistv5
Published
2023-01-04 00:00
Modified
2024-08-03 13:54
Severity ?
EPSS score ?
Summary
In music service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T13:54:03.476Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In music service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-04T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-44424", datePublished: "2023-01-04T00:00:00", dateReserved: "2022-10-31T00:00:00", dateUpdated: "2024-08-03T13:54:03.476Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-38670
Vulnerability from cvelistv5
Published
2022-10-14 00:00
Modified
2024-08-03 11:02
Severity ?
EPSS score ?
Summary
In soundrecorder service, there is a missing permission check. This could lead to elevation of privilege in contacts service with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:02:14.520Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In soundrecorder service, there is a missing permission check. This could lead to elevation of privilege in contacts service with no additional execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-10-14T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-38670", datePublished: "2022-10-14T00:00:00", dateReserved: "2022-08-22T00:00:00", dateUpdated: "2024-08-03T11:02:14.520Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-44444
Vulnerability from cvelistv5
Published
2023-01-04 00:00
Modified
2024-08-03 13:54
Severity ?
EPSS score ?
Summary
In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T13:54:03.503Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-191", description: "CWE-191 Integer Underflow", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-04T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-44444", datePublished: "2023-01-04T00:00:00", dateReserved: "2022-10-31T00:00:00", dateUpdated: "2024-08-03T13:54:03.503Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47322
Vulnerability from cvelistv5
Published
2023-02-06 05:27
Modified
2025-03-26 14:11
Severity ?
EPSS score ?
Summary
In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:47:29.526Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.4, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47322", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-03-26T14:11:39.147173Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-190", description: "CWE-190 Integer Overflow or Wraparound", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-26T14:11:42.290Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-12T01:45:42.615Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47322", datePublished: "2023-02-06T05:27:41.571Z", dateReserved: "2022-12-13T05:23:52.515Z", dateUpdated: "2025-03-26T14:11:42.290Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-38669
Vulnerability from cvelistv5
Published
2022-10-14 00:00
Modified
2024-08-03 11:02
Severity ?
EPSS score ?
Summary
In soundrecorder service, there is a missing permission check. This could lead to elevation of privilege in contacts service with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:02:14.248Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In soundrecorder service, there is a missing permission check. This could lead to elevation of privilege in contacts service with no additional execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-10-14T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-38669", datePublished: "2022-10-14T00:00:00", dateReserved: "2022-08-22T00:00:00", dateUpdated: "2024-08-03T11:02:14.248Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47333
Vulnerability from cvelistv5
Published
2023-02-06 05:27
Modified
2025-03-26 18:50
Severity ?
EPSS score ?
Summary
In wlan driver, there is a possible missing permission check. This could lead to local information disclosure.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:47:29.419Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47333", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-26T14:11:28.029520Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-26T18:50:18.018Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In wlan driver, there is a possible missing permission check. This could lead to local information disclosure.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-12T01:45:42.615Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47333", datePublished: "2023-02-06T05:27:53.182Z", dateReserved: "2022-12-13T05:23:52.517Z", dateUpdated: "2025-03-26T18:50:18.018Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47356
Vulnerability from cvelistv5
Published
2023-02-06 05:27
Modified
2025-03-26 14:25
Severity ?
EPSS score ?
Summary
In log service, there is a missing permission check. This could lead to local denial of service in log service.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:06.882Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47356", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-26T14:24:47.217287Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-400", description: "CWE-400 Uncontrolled Resource Consumption", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-26T14:25:16.516Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In log service, there is a missing permission check. This could lead to local denial of service in log service.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-12T01:45:42.615Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47356", datePublished: "2023-02-06T05:27:01.663Z", dateReserved: "2022-12-13T05:23:52.523Z", dateUpdated: "2025-03-26T14:25:16.516Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47489
Vulnerability from cvelistv5
Published
2023-05-09 01:20
Modified
2025-01-28 21:14
Severity ?
EPSS score ?
Summary
In soter service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:08.389Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47489", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-28T21:13:55.898580Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-190", description: "CWE-190 Integer Overflow or Wraparound", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-28T21:14:14.452Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In soter service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-05-09T01:20:41.613Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47489", datePublished: "2023-05-09T01:20:41.613Z", dateReserved: "2022-12-15T08:22:03.072Z", dateUpdated: "2025-01-28T21:14:14.452Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39112
Vulnerability from cvelistv5
Published
2022-10-14 00:00
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
In Music service, there is a missing permission check. This could lead to local denial of service in Music service with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.557Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11", }, ], }, ], descriptions: [ { lang: "en", value: "In Music service, there is a missing permission check. This could lead to local denial of service in Music service with no additional execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-10-14T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-39112", datePublished: "2022-10-14T00:00:00", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.557Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-42756
Vulnerability from cvelistv5
Published
2022-12-06 00:00
Modified
2024-08-03 13:10
Severity ?
EPSS score ?
Summary
In sensor driver, there is a possible buffer overflow due to a missing bounds check. This could lead to local denial of service in kernel.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T13:10:41.424Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In sensor driver, there is a possible buffer overflow due to a missing bounds check. This could lead to local denial of service in kernel.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-120", description: "CWE-120 Classic Buffer Overflow", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-12-06T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-42756", datePublished: "2022-12-06T00:00:00", dateReserved: "2022-10-11T00:00:00", dateUpdated: "2024-08-03T13:10:41.424Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-38679
Vulnerability from cvelistv5
Published
2022-10-14 00:00
Modified
2024-08-03 11:02
Severity ?
EPSS score ?
Summary
In music service, there is a missing permission check. This could lead to local denial of service in music service with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:02:14.498Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In music service, there is a missing permission check. This could lead to local denial of service in music service with no additional execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-400", description: "CWE-400 Uncontrolled Resource Consumption", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-10-14T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-38679", datePublished: "2022-10-14T00:00:00", dateReserved: "2022-08-22T00:00:00", dateUpdated: "2024-08-03T11:02:14.498Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-38672
Vulnerability from cvelistv5
Published
2022-10-14 00:00
Modified
2024-08-03 11:02
Severity ?
EPSS score ?
Summary
In face detect driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:02:14.510Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In face detect driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-121", description: "CWE-121 Stack-based Buffer Overflow", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-10-14T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-38672", datePublished: "2022-10-14T00:00:00", dateReserved: "2022-08-22T00:00:00", dateUpdated: "2024-08-03T11:02:14.510Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-48378
Vulnerability from cvelistv5
Published
2023-05-09 01:21
Modified
2025-01-28 17:49
Severity ?
EPSS score ?
Summary
In engineermode service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:10:59.749Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-48378", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-28T17:49:19.256463Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-28T17:49:27.852Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11", }, ], }, ], descriptions: [ { lang: "en", value: "In engineermode service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.", }, ], providerMetadata: { dateUpdated: "2023-05-09T01:21:20.548Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-48378", datePublished: "2023-05-09T01:21:20.548Z", dateReserved: "2023-03-13T02:25:04.699Z", dateUpdated: "2025-01-28T17:49:27.852Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39117
Vulnerability from cvelistv5
Published
2022-10-14 00:00
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
In messaging service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.558Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In messaging service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-10-14T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-39117", datePublished: "2022-10-14T00:00:00", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.558Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-32789
Vulnerability from cvelistv5
Published
2023-07-12 08:32
Modified
2024-12-03 17:08
Severity ?
EPSS score ?
Summary
In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T15:25:36.987Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-32789", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-12-03T17:08:32.031662Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-03T17:08:48.285Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-07-12T08:32:06.757Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2023-32789", datePublished: "2023-07-12T08:32:06.757Z", dateReserved: "2023-05-15T07:37:43.536Z", dateUpdated: "2024-12-03T17:08:48.285Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47451
Vulnerability from cvelistv5
Published
2023-02-06 05:28
Modified
2025-03-25 20:48
Severity ?
EPSS score ?
Summary
In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:08.171Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.3, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47451", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-25T20:48:05.543249Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-190", description: "CWE-190 Integer Overflow or Wraparound", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-25T20:48:09.382Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-12T01:45:42.615Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47451", datePublished: "2023-02-06T05:28:06.346Z", dateReserved: "2022-12-15T08:22:03.063Z", dateUpdated: "2025-03-25T20:48:09.382Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-30865
Vulnerability from cvelistv5
Published
2023-06-06 05:13
Modified
2025-01-08 15:08
Severity ?
EPSS score ?
Summary
In dialer service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T14:37:15.507Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1664822361414762498", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2023-30865", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-08T15:08:49.686827Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-08T15:08:54.740Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In dialer service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-06-06T05:13:11.797Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1664822361414762498", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2023-30865", datePublished: "2023-06-06T05:13:11.797Z", dateReserved: "2023-04-19T09:06:41.102Z", dateUpdated: "2025-01-08T15:08:54.740Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-44422
Vulnerability from cvelistv5
Published
2023-01-04 00:00
Modified
2024-08-03 13:54
Severity ?
EPSS score ?
Summary
In music service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T13:54:03.892Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In music service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-04T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-44422", datePublished: "2023-01-04T00:00:00", dateReserved: "2022-10-31T00:00:00", dateUpdated: "2024-08-03T13:54:03.892Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-30930
Vulnerability from cvelistv5
Published
2023-07-12 08:31
Modified
2024-12-04 15:26
Severity ?
EPSS score ?
Summary
In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T14:37:15.529Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-30930", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-12-04T15:26:07.339561Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-04T15:26:20.428Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-07-12T08:31:29.506Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2023-30930", datePublished: "2023-07-12T08:31:29.506Z", dateReserved: "2023-04-21T08:42:30.248Z", dateUpdated: "2024-12-04T15:26:20.428Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47357
Vulnerability from cvelistv5
Published
2023-02-06 05:27
Modified
2025-03-26 13:34
Severity ?
EPSS score ?
Summary
In log service, there is a missing permission check. This could lead to local denial of service in log service.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:06.946Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47357", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-26T13:33:20.344138Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-26T13:34:03.381Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In log service, there is a missing permission check. This could lead to local denial of service in log service.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-12T01:45:42.615Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47357", datePublished: "2023-02-06T05:27:02.609Z", dateReserved: "2022-12-13T05:23:52.523Z", dateUpdated: "2025-03-26T13:34:03.381Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39111
Vulnerability from cvelistv5
Published
2022-10-14 00:00
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
In Music service, there is a missing permission check. This could lead to elevation of privilege in Music service with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.555Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In Music service, there is a missing permission check. This could lead to elevation of privilege in Music service with no additional execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-10-14T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-39111", datePublished: "2022-10-14T00:00:00", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.555Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47452
Vulnerability from cvelistv5
Published
2023-02-06 05:28
Modified
2025-03-26 13:23
Severity ?
EPSS score ?
Summary
In gnss driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in wlan services.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:08.338Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47452", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-26T13:20:24.941928Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-26T13:23:43.516Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In gnss driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in wlan services.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-12T01:45:42.615Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47452", datePublished: "2023-02-06T05:28:07.290Z", dateReserved: "2022-12-15T08:22:03.064Z", dateUpdated: "2025-03-26T13:23:43.516Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39122
Vulnerability from cvelistv5
Published
2022-10-14 00:00
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.596Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-120", description: "CWE-120 Buffer Overflow", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-10-14T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-39122", datePublished: "2022-10-14T00:00:00", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.596Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47324
Vulnerability from cvelistv5
Published
2023-02-06 05:27
Modified
2025-03-26 14:10
Severity ?
EPSS score ?
Summary
In wlan driver, there is a possible missing permission check. This could lead to local information disclosure.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:47:29.530Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.4, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47324", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-03-26T14:10:04.380825Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-200", description: "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-26T14:10:08.290Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In wlan driver, there is a possible missing permission check. This could lead to local information disclosure.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-12T01:45:42.615Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47324", datePublished: "2023-02-06T05:27:43.453Z", dateReserved: "2022-12-13T05:23:52.516Z", dateUpdated: "2025-03-26T14:10:08.290Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47495
Vulnerability from cvelistv5
Published
2023-05-09 01:20
Modified
2025-01-28 20:42
Severity ?
EPSS score ?
Summary
In soter service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:08.303Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47495", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-28T20:42:26.489107Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-120", description: "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-28T20:42:30.480Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In soter service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-05-09T01:20:45.141Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47495", datePublished: "2023-05-09T01:20:45.141Z", dateReserved: "2022-12-15T08:22:03.074Z", dateUpdated: "2025-01-28T20:42:30.480Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-33890
Vulnerability from cvelistv5
Published
2023-07-12 08:32
Modified
2024-12-04 15:04
Severity ?
EPSS score ?
Summary
In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T15:54:13.386Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-33890", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-12-04T15:04:36.294485Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-04T15:04:55.648Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-07-12T08:32:25.104Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2023-33890", datePublished: "2023-07-12T08:32:25.104Z", dateReserved: "2023-05-23T06:38:35.980Z", dateUpdated: "2024-12-04T15:04:55.648Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39080
Vulnerability from cvelistv5
Published
2022-10-14 00:00
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
In messaging service, there is a missing permission check. This could lead to elevation of privilege in contacts service with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.368Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In messaging service, there is a missing permission check. This could lead to elevation of privilege in contacts service with no additional execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-10-14T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-39080", datePublished: "2022-10-14T00:00:00", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.368Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39125
Vulnerability from cvelistv5
Published
2022-10-14 00:00
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.507Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-400", description: "CWE-400 Uncontrolled Resource Consumption", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-10-14T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-39125", datePublished: "2022-10-14T00:00:00", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.507Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-38673
Vulnerability from cvelistv5
Published
2022-10-14 00:00
Modified
2024-08-03 11:02
Severity ?
EPSS score ?
Summary
In face detect driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:02:14.455Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In face detect driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-126", description: "CWE-126 Buffer Over-read", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-10-14T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-38673", datePublished: "2022-10-14T00:00:00", dateReserved: "2022-08-22T00:00:00", dateUpdated: "2024-08-03T11:02:14.455Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-30914
Vulnerability from cvelistv5
Published
2023-06-06 05:13
Modified
2025-01-08 14:50
Severity ?
EPSS score ?
Summary
In email service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T14:37:15.526Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1664822361414762498", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2023-30914", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-08T14:50:21.843659Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-08T14:50:25.472Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In email service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-06-06T05:13:13.647Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1664822361414762498", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2023-30914", datePublished: "2023-06-06T05:13:13.647Z", dateReserved: "2023-04-21T08:42:30.245Z", dateUpdated: "2025-01-08T14:50:25.472Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47367
Vulnerability from cvelistv5
Published
2023-02-06 05:28
Modified
2025-03-26 14:17
Severity ?
EPSS score ?
Summary
In bluetooth driver, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:06.870Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47367", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-26T14:16:57.528146Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-200", description: "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-26T14:17:00.646Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In bluetooth driver, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-12T01:45:42.615Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47367", datePublished: "2023-02-06T05:28:01.632Z", dateReserved: "2022-12-13T05:23:52.526Z", dateUpdated: "2025-03-26T14:17:00.646Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-44433
Vulnerability from cvelistv5
Published
2023-05-09 01:21
Modified
2025-01-28 17:06
Severity ?
EPSS score ?
Summary
In phoneEx service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T13:54:03.357Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-44433", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-01-28T17:05:09.004599Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-28T17:06:45.294Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10", }, ], }, ], descriptions: [ { lang: "en", value: "In phoneEx service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.", }, ], providerMetadata: { dateUpdated: "2023-05-09T01:21:36.081Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-44433", datePublished: "2023-05-09T01:21:36.081Z", dateReserved: "2022-10-31T01:03:52.587Z", dateUpdated: "2025-01-28T17:06:45.294Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47323
Vulnerability from cvelistv5
Published
2023-02-06 05:27
Modified
2025-03-26 14:11
Severity ?
EPSS score ?
Summary
In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:47:29.419Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.4, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47323", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-03-26T14:10:57.756154Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125 Out-of-bounds Read", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-26T14:11:01.234Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-12T01:45:42.615Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47323", datePublished: "2023-02-06T05:27:42.500Z", dateReserved: "2022-12-13T05:23:52.516Z", dateUpdated: "2025-03-26T14:11:01.234Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47361
Vulnerability from cvelistv5
Published
2023-02-06 05:27
Modified
2025-03-26 13:27
Severity ?
EPSS score ?
Summary
In firewall service, there is a missing permission check. This could lead to local escalation of privilege with system execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:07.034Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47361", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-03-26T13:26:05.002354Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-26T13:27:02.668Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In firewall service, there is a missing permission check. This could lead to local escalation of privilege with system execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-12T01:45:42.615Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47361", datePublished: "2023-02-06T05:27:28.253Z", dateReserved: "2022-12-13T05:23:52.525Z", dateUpdated: "2025-03-26T13:27:02.668Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-30940
Vulnerability from cvelistv5
Published
2023-07-12 08:31
Modified
2024-12-04 15:12
Severity ?
EPSS score ?
Summary
In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T14:37:15.522Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-30940", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-12-04T15:12:14.886926Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-04T15:12:35.940Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-07-12T08:31:47.448Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2023-30940", datePublished: "2023-07-12T08:31:47.448Z", dateReserved: "2023-04-21T08:42:30.249Z", dateUpdated: "2024-12-04T15:12:35.940Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39085
Vulnerability from cvelistv5
Published
2023-01-04 00:00
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
In network service, there is a missing permission check. This could lead to local escalation of privilege with System execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.407Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In network service, there is a missing permission check. This could lead to local escalation of privilege with System execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-77", description: "CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-04T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-39085", datePublished: "2023-01-04T00:00:00", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.407Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39113
Vulnerability from cvelistv5
Published
2022-10-14 00:00
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
In Music service, there is a missing permission check. This could lead to local denial of service in Music service with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.490Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11", }, ], }, ], descriptions: [ { lang: "en", value: "In Music service, there is a missing permission check. This could lead to local denial of service in Music service with no additional execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-10-14T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-39113", datePublished: "2022-10-14T00:00:00", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.490Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-44448
Vulnerability from cvelistv5
Published
2023-02-06 05:27
Modified
2025-03-26 14:12
Severity ?
EPSS score ?
Summary
In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T13:54:03.658Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.4, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-44448", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-03-26T14:12:55.891432Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-121", description: "CWE-121 Stack-based Buffer Overflow", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-26T14:12:59.375Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-12T01:45:42.615Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-44448", datePublished: "2023-02-06T05:27:40.636Z", dateReserved: "2022-10-31T01:03:52.589Z", dateUpdated: "2025-03-26T14:12:59.375Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-48385
Vulnerability from cvelistv5
Published
2023-05-09 01:21
Modified
2025-01-28 17:13
Severity ?
EPSS score ?
Summary
In cp_dump driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:10:59.807Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-48385", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-28T17:13:54.767230Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-28T17:13:59.535Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In cp_dump driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-05-09T01:21:29.801Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-48385", datePublished: "2023-05-09T01:21:29.801Z", dateReserved: "2023-03-13T02:25:04.699Z", dateUpdated: "2025-01-28T17:13:59.535Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-44423
Vulnerability from cvelistv5
Published
2023-01-04 00:00
Modified
2024-08-03 13:54
Severity ?
EPSS score ?
Summary
In music service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T13:54:03.463Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In music service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-04T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-44423", datePublished: "2023-01-04T00:00:00", dateReserved: "2022-10-31T00:00:00", dateUpdated: "2024-08-03T13:54:03.463Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47483
Vulnerability from cvelistv5
Published
2023-03-07 01:31
Modified
2025-03-05 21:07
Severity ?
EPSS score ?
Summary
In telephony service, there is a missing permission check. This could lead to local denial of service in telephone service with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:08.178Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1632612109718192129", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47483", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-05T21:07:07.012270Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-05T21:07:42.579Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10", }, ], }, ], descriptions: [ { lang: "en", value: "In telephony service, there is a missing permission check. This could lead to local denial of service in telephone service with no additional execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-03-10T20:04:40.537Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1632612109718192129", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47483", datePublished: "2023-03-07T01:31:50.122Z", dateReserved: "2022-12-15T08:22:03.071Z", dateUpdated: "2025-03-05T21:07:42.579Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-44429
Vulnerability from cvelistv5
Published
2023-01-04 00:00
Modified
2024-08-03 13:54
Severity ?
EPSS score ?
Summary
In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T13:54:03.476Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-122", description: "cwe-122 Heap Overflow", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-04T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-44429", datePublished: "2023-01-04T00:00:00", dateReserved: "2022-10-31T00:00:00", dateUpdated: "2024-08-03T13:54:03.476Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-30917
Vulnerability from cvelistv5
Published
2023-07-12 08:31
Modified
2024-12-04 15:26
Severity ?
EPSS score ?
Summary
In DMService, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T14:37:15.514Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-30917", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-12-04T15:25:54.467754Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-04T15:26:31.212Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In DMService, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.", }, ], providerMetadata: { dateUpdated: "2023-07-12T08:31:07.843Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2023-30917", datePublished: "2023-07-12T08:31:07.843Z", dateReserved: "2023-04-21T08:42:30.246Z", dateUpdated: "2024-12-04T15:26:31.212Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47365
Vulnerability from cvelistv5
Published
2023-02-06 05:27
Modified
2025-03-26 14:20
Severity ?
EPSS score ?
Summary
In wlan driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in wlan services.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:06.966Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.4, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47365", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-03-26T14:20:16.628150Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-26T14:20:20.091Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In wlan driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in wlan services.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-12T01:45:42.615Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47365", datePublished: "2023-02-06T05:27:58.670Z", dateReserved: "2022-12-13T05:23:52.525Z", dateUpdated: "2025-03-26T14:20:20.091Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-42754
Vulnerability from cvelistv5
Published
2022-12-06 00:00
Modified
2024-08-03 13:10
Severity ?
EPSS score ?
Summary
In npu driver, there is a memory corruption due to a use after free. This could lead to local denial of service in kernel.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T13:10:41.482Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In npu driver, there is a memory corruption due to a use after free. This could lead to local denial of service in kernel.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-416", description: "CWE-416 Use After Free", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-12-06T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-42754", datePublished: "2022-12-06T00:00:00", dateReserved: "2022-10-11T00:00:00", dateUpdated: "2024-08-03T13:10:41.482Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-48237
Vulnerability from cvelistv5
Published
2023-05-09 01:20
Modified
2025-01-28 20:34
Severity ?
EPSS score ?
Summary
In Image filter, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:10:59.676Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-48237", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-28T20:34:46.639813Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-28T20:34:52.071Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In Image filter, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-05-09T01:20:52.940Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-48237", datePublished: "2023-05-09T01:20:52.940Z", dateReserved: "2023-01-09T11:51:07.072Z", dateUpdated: "2025-01-28T20:34:52.071Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39116
Vulnerability from cvelistv5
Published
2023-01-04 00:00
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
In sprd_sysdump driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.553Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In sprd_sysdump driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-121", description: "CWE-121 Stack Overflow", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-04T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-39116", datePublished: "2023-01-04T00:00:00", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.553Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-30915
Vulnerability from cvelistv5
Published
2023-06-06 05:13
Modified
2025-01-08 15:06
Severity ?
EPSS score ?
Summary
In email service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T14:37:15.508Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1664822361414762498", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2023-30915", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-08T15:06:45.886828Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-08T15:06:50.998Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In email service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-06-06T05:13:14.578Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1664822361414762498", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2023-30915", datePublished: "2023-06-06T05:13:14.578Z", dateReserved: "2023-04-21T08:42:30.245Z", dateUpdated: "2025-01-08T15:06:50.998Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-48381
Vulnerability from cvelistv5
Published
2023-05-09 01:21
Modified
2025-01-28 17:20
Severity ?
EPSS score ?
Summary
In modem control device, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:10:59.726Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-48381", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-28T17:20:05.734189Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-28T17:20:14.743Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10", }, ], }, ], descriptions: [ { lang: "en", value: "In modem control device, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-05-09T01:21:25.225Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-48381", datePublished: "2023-05-09T01:21:25.225Z", dateReserved: "2023-03-13T02:25:04.699Z", dateUpdated: "2025-01-28T17:20:14.743Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-42761
Vulnerability from cvelistv5
Published
2022-12-06 00:00
Modified
2024-08-03 13:19
Severity ?
EPSS score ?
Summary
In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T13:19:03.614Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "cwe-125 Out-of-bounds Read", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-12-06T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-42761", datePublished: "2022-12-06T00:00:00", dateReserved: "2022-10-11T00:00:00", dateUpdated: "2024-08-03T13:19:03.614Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-42775
Vulnerability from cvelistv5
Published
2022-12-06 00:00
Modified
2024-08-03 13:19
Severity ?
EPSS score ?
Summary
In camera driver, there is a possible memory corruption due to improper locking. This could lead to local denial of service in kernel.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T13:19:03.859Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In camera driver, there is a possible memory corruption due to improper locking. This could lead to local denial of service in kernel.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-119", description: "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-12-06T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-42775", datePublished: "2022-12-06T00:00:00", dateReserved: "2022-10-11T00:00:00", dateUpdated: "2024-08-03T13:19:03.859Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47490
Vulnerability from cvelistv5
Published
2023-05-09 01:20
Modified
2025-01-28 21:20
Severity ?
EPSS score ?
Summary
In soter service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:08.374Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47490", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-28T21:20:09.341135Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-28T21:20:21.419Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In soter service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.", }, ], providerMetadata: { dateUpdated: "2023-05-09T01:20:36.111Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47490", datePublished: "2023-05-09T01:20:36.111Z", dateReserved: "2022-12-15T08:22:03.074Z", dateUpdated: "2025-01-28T21:20:21.419Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47326
Vulnerability from cvelistv5
Published
2023-02-06 05:27
Modified
2025-03-26 14:07
Severity ?
EPSS score ?
Summary
In wlan driver, there is a possible missing permission check. This could lead to local information disclosure.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:47:29.527Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.4, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47326", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-03-26T14:07:36.202356Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-200", description: "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-26T14:07:40.768Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In wlan driver, there is a possible missing permission check. This could lead to local information disclosure.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-12T01:45:42.615Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47326", datePublished: "2023-02-06T05:27:45.370Z", dateReserved: "2022-12-13T05:23:52.516Z", dateUpdated: "2025-03-26T14:07:40.768Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-48240
Vulnerability from cvelistv5
Published
2023-05-09 01:20
Modified
2025-01-28 18:16
Severity ?
EPSS score ?
Summary
In camera driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:10:59.766Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-48240", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-28T18:16:56.680726Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-28T18:16:59.569Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In camera driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-05-09T01:20:56.391Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-48240", datePublished: "2023-05-09T01:20:56.391Z", dateReserved: "2023-01-09T11:51:07.073Z", dateUpdated: "2025-01-28T18:16:59.569Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47478
Vulnerability from cvelistv5
Published
2023-03-07 01:31
Modified
2025-03-06 16:07
Severity ?
EPSS score ?
Summary
In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:08.350Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1632612109718192129", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47478", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-06T16:07:22.974156Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-06T16:07:27.772Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11", }, ], }, ], descriptions: [ { lang: "en", value: "In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-03-10T20:04:40.537Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1632612109718192129", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47478", datePublished: "2023-03-07T01:31:41.490Z", dateReserved: "2022-12-15T08:22:03.070Z", dateUpdated: "2025-03-06T16:07:27.772Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47359
Vulnerability from cvelistv5
Published
2023-02-06 05:27
Modified
2025-03-26 13:31
Severity ?
EPSS score ?
Summary
In log service, there is a missing permission check. This could lead to local denial of service in log service.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:07.963Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47359", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-26T13:30:33.519684Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-26T13:31:26.939Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In log service, there is a missing permission check. This could lead to local denial of service in log service.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-12T01:45:42.615Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47359", datePublished: "2023-02-06T05:27:25.512Z", dateReserved: "2022-12-13T05:23:52.524Z", dateUpdated: "2025-03-26T13:31:26.939Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-44440
Vulnerability from cvelistv5
Published
2023-01-04 00:00
Modified
2024-08-03 13:54
Severity ?
EPSS score ?
Summary
In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T13:54:03.512Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125 Out-of-bounds Read", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-04T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-44440", datePublished: "2023-01-04T00:00:00", dateReserved: "2022-10-31T00:00:00", dateUpdated: "2024-08-03T13:54:03.512Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-30866
Vulnerability from cvelistv5
Published
2023-06-06 05:13
Modified
2025-01-08 14:51
Severity ?
EPSS score ?
Summary
In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T14:37:15.488Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1664822361414762498", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2023-30866", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-08T14:51:34.690522Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-08T14:51:41.688Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10", }, ], }, ], descriptions: [ { lang: "en", value: "In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-06-06T05:13:12.727Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1664822361414762498", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2023-30866", datePublished: "2023-06-06T05:13:12.727Z", dateReserved: "2023-04-19T09:06:41.102Z", dateUpdated: "2025-01-08T14:51:41.688Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47366
Vulnerability from cvelistv5
Published
2023-02-06 05:27
Modified
2025-03-26 14:17
Severity ?
EPSS score ?
Summary
In wlan driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in wlan services.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:06.961Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.4, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47366", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-03-26T14:17:55.323782Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-26T14:17:58.934Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In wlan driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in wlan services.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-12T01:45:42.615Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47366", datePublished: "2023-02-06T05:27:59.628Z", dateReserved: "2022-12-13T05:23:52.526Z", dateUpdated: "2025-03-26T14:17:58.934Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-48236
Vulnerability from cvelistv5
Published
2023-05-09 01:20
Modified
2025-01-28 20:36
Severity ?
EPSS score ?
Summary
In MP3 encoder, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:10:58.954Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-48236", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-28T20:36:32.232543Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125 Out-of-bounds Read", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-28T20:36:36.083Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In MP3 encoder, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-05-09T01:20:51.579Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-48236", datePublished: "2023-05-09T01:20:51.579Z", dateReserved: "2023-01-09T11:51:07.072Z", dateUpdated: "2025-01-28T20:36:36.083Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-48450
Vulnerability from cvelistv5
Published
2023-07-12 08:32
Modified
2024-08-03 15:10
Severity ?
EPSS score ?
Summary
In bluetooth service, there is a possible missing params check. This could lead to local denial of service with System execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:10:59.904Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In bluetooth service, there is a possible missing params check. This could lead to local denial of service with System execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-07-12T08:32:40.497Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-48450", datePublished: "2023-07-12T08:32:40.497Z", dateReserved: "2023-04-13T02:35:16.241Z", dateUpdated: "2024-08-03T15:10:59.904Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39100
Vulnerability from cvelistv5
Published
2022-12-06 00:00
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.409Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-04T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-39100", datePublished: "2022-12-06T00:00:00", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.409Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47487
Vulnerability from cvelistv5
Published
2023-05-09 01:20
Modified
2025-01-28 21:24
Severity ?
EPSS score ?
Summary
In thermal service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service local denial of service with no additional execution privileges.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:08.027Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47487", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-28T21:24:03.444097Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-120", description: "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-28T21:24:18.263Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In thermal service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service local denial of service with no additional execution privileges.", }, ], providerMetadata: { dateUpdated: "2023-05-09T01:20:33.753Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47487", datePublished: "2023-05-09T01:20:33.753Z", dateReserved: "2022-12-15T08:22:03.072Z", dateUpdated: "2025-01-28T21:24:18.263Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-48446
Vulnerability from cvelistv5
Published
2023-06-06 05:13
Modified
2025-01-08 15:18
Severity ?
EPSS score ?
Summary
In telephony service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:10:59.866Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1664822361414762498", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-48446", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-08T15:18:16.822772Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-08T15:18:21.564Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In telephony service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.", }, ], providerMetadata: { dateUpdated: "2023-06-06T05:13:07.036Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1664822361414762498", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-48446", datePublished: "2023-06-06T05:13:07.036Z", dateReserved: "2023-04-13T02:35:16.240Z", dateUpdated: "2025-01-08T15:18:21.564Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-33899
Vulnerability from cvelistv5
Published
2023-07-12 08:31
Modified
2024-12-03 17:10
Severity ?
EPSS score ?
Summary
In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T15:54:13.295Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-33899", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-12-03T17:10:14.923471Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-03T17:10:33.489Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-07-12T08:31:59.323Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2023-33899", datePublished: "2023-07-12T08:31:59.323Z", dateReserved: "2023-05-23T06:51:01.535Z", dateUpdated: "2024-12-03T17:10:33.489Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-30920
Vulnerability from cvelistv5
Published
2023-07-12 08:31
Modified
2024-12-04 15:45
Severity ?
EPSS score ?
Summary
In messaging service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T14:37:15.506Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-30920", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-12-04T15:45:42.991602Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-04T15:45:55.699Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In messaging service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-07-12T08:31:11.731Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2023-30920", datePublished: "2023-07-12T08:31:11.731Z", dateReserved: "2023-04-21T08:42:30.246Z", dateUpdated: "2024-12-04T15:45:55.699Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47492
Vulnerability from cvelistv5
Published
2023-05-09 01:20
Modified
2025-01-28 21:18
Severity ?
EPSS score ?
Summary
In soter service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:08.314Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47492", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-28T21:18:12.251789Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-28T21:18:20.069Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In soter service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.", }, ], providerMetadata: { dateUpdated: "2023-05-09T01:20:37.236Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47492", datePublished: "2023-05-09T01:20:37.236Z", dateReserved: "2022-12-15T08:22:03.074Z", dateUpdated: "2025-01-28T21:18:20.069Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47362
Vulnerability from cvelistv5
Published
2023-04-11 11:09
Modified
2025-02-10 17:25
Severity ?
EPSS score ?
Summary
In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:06.971Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1645429273135218690", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-47362", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-02-10T17:24:25.883554Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-120", description: "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-02-10T17:25:32.248Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service.", }, ], providerMetadata: { dateUpdated: "2023-04-11T11:09:47.453Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1645429273135218690", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-47362", datePublished: "2023-04-11T11:09:47.453Z", dateReserved: "2022-12-13T05:23:52.525Z", dateUpdated: "2025-02-10T17:25:32.248Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-48442
Vulnerability from cvelistv5
Published
2023-06-06 05:13
Modified
2025-01-07 20:35
Severity ?
EPSS score ?
Summary
In dialer service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:10:59.805Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1664822361414762498", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.2, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-48442", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-07T20:35:45.556430Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-476", description: "CWE-476 NULL Pointer Dereference", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-07T20:35:50.086Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In dialer service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.", }, ], providerMetadata: { dateUpdated: "2023-06-06T05:13:03.298Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1664822361414762498", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-48442", datePublished: "2023-06-06T05:13:03.298Z", dateReserved: "2023-04-13T02:35:16.239Z", dateUpdated: "2025-01-07T20:35:50.086Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39132
Vulnerability from cvelistv5
Published
2022-12-06 00:00
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
In camera driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.601Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In camera driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-126", description: "CWE-126 Buffer Over-read", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-12-06T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1599588060988411006", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-39132", datePublished: "2022-12-06T00:00:00", dateReserved: "2022-09-01T00:00:00", dateUpdated: "2024-08-03T11:10:32.601Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-48447
Vulnerability from cvelistv5
Published
2023-06-06 05:13
Modified
2025-01-08 15:16
Severity ?
EPSS score ?
Summary
In telephony service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:10:59.950Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1664822361414762498", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-48447", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-08T15:16:33.931674Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-08T15:16:38.971Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In telephony service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.", }, ], providerMetadata: { dateUpdated: "2023-06-06T05:13:08.025Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1664822361414762498", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-48447", datePublished: "2023-06-06T05:13:08.025Z", dateReserved: "2023-04-13T02:35:16.240Z", dateUpdated: "2025-01-08T15:16:38.971Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-33879
Vulnerability from cvelistv5
Published
2023-07-12 08:32
Modified
2024-12-03 17:07
Severity ?
EPSS score ?
Summary
In music service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T15:54:13.380Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-33879", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-12-03T17:06:43.583864Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-03T17:07:53.475Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In music service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-07-12T08:32:07.737Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2023-33879", datePublished: "2023-07-12T08:32:07.737Z", dateReserved: "2023-05-23T06:38:35.977Z", dateUpdated: "2024-12-03T17:07:53.475Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-33901
Vulnerability from cvelistv5
Published
2023-07-12 08:32
Modified
2024-08-02 15:54
Severity ?
EPSS score ?
Summary
In bluetooth service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T15:54:13.684Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In bluetooth service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-07-12T08:32:36.431Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2023-33901", datePublished: "2023-07-12T08:32:36.431Z", dateReserved: "2023-05-23T06:51:01.535Z", dateUpdated: "2024-08-02T15:54:13.684Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-30939
Vulnerability from cvelistv5
Published
2023-07-12 08:31
Modified
2024-12-04 15:13
Severity ?
EPSS score ?
Summary
In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T14:37:15.575Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-30939", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-12-04T15:13:03.917668Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-04T15:13:20.544Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-07-12T08:31:46.518Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2023-30939", datePublished: "2023-07-12T08:31:46.518Z", dateReserved: "2023-04-21T08:42:30.248Z", dateUpdated: "2024-12-04T15:13:20.544Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-48440
Vulnerability from cvelistv5
Published
2023-06-06 05:13
Modified
2025-01-07 20:48
Severity ?
EPSS score ?
Summary
In dialer service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:10:59.896Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1664822361414762498", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.2, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-48440", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-07T20:47:55.247270Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-770", description: "CWE-770 Allocation of Resources Without Limits or Throttling", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-07T20:48:12.686Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In dialer service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.", }, ], providerMetadata: { dateUpdated: "2023-06-06T05:13:01.448Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1664822361414762498", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-48440", datePublished: "2023-06-06T05:13:01.448Z", dateReserved: "2023-04-13T02:35:16.239Z", dateUpdated: "2025-01-07T20:48:12.686Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-44434
Vulnerability from cvelistv5
Published
2023-01-04 00:00
Modified
2024-08-03 13:54
Severity ?
EPSS score ?
Summary
In messaging service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T13:54:03.453Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In messaging service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-04T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-44434", datePublished: "2023-01-04T00:00:00", dateReserved: "2022-10-31T00:00:00", dateUpdated: "2024-08-03T13:54:03.453Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-48239
Vulnerability from cvelistv5
Published
2023-05-09 01:20
Modified
2025-01-29 16:56
Severity ?
EPSS score ?
Summary
In camera driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12/Android13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:10:59.251Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-48239", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-28T18:17:28.881595Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-29T16:56:56.083Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12/Android13", }, ], }, ], descriptions: [ { lang: "en", value: "In camera driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.", }, ], providerMetadata: { dateUpdated: "2023-05-09T01:20:55.185Z", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-48239", datePublished: "2023-05-09T01:20:55.185Z", dateReserved: "2023-01-09T11:51:07.073Z", dateUpdated: "2025-01-29T16:56:56.083Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-38677
Vulnerability from cvelistv5
Published
2022-10-14 00:00
Modified
2024-08-03 11:02
Severity ?
EPSS score ?
Summary
In cell service, there is a missing permission check. This could lead to local denial of service in cell service with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:02:14.340Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In cell service, there is a missing permission check. This could lead to local denial of service in cell service with no additional execution privileges needed.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-400", description: "CWE-400 Uncontrolled Resource Consumption", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-10-14T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-38677", datePublished: "2022-10-14T00:00:00", dateReserved: "2022-08-22T00:00:00", dateUpdated: "2024-08-03T11:02:14.340Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-44445
Vulnerability from cvelistv5
Published
2023-01-04 00:00
Modified
2024-08-03 13:54
Severity ?
EPSS score ?
Summary
In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 |
Version: Android10/Android11/Android12 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T13:54:03.475Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000", vendor: "Unisoc (Shanghai) Technologies Co., Ltd.", versions: [ { status: "affected", version: "Android10/Android11/Android12", }, ], }, ], descriptions: [ { lang: "en", value: "In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-126", description: "CWE-126 Buffer Over-read", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-04T00:00:00", orgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", shortName: "Unisoc", }, references: [ { url: "https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", }, ], }, }, cveMetadata: { assignerOrgId: "63f92e9c-2193-4c24-98a9-93640392c3d3", assignerShortName: "Unisoc", cveId: "CVE-2022-44445", datePublished: "2023-01-04T00:00:00", dateReserved: "2022-10-31T00:00:00", dateUpdated: "2024-08-03T13:54:03.475Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }