Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
326 vulnerabilities found for SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 by Unisoc (Shanghai) Technologies Co., Ltd.
CVE-2024-39438 (GCVE-0-2024-39438)
Vulnerability from nvd – Published: 2024-10-09 06:43 – Updated: 2024-10-09 18:52
VLAI?
Summary
In linkturbonative service, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed.
Severity ?
6.5 (Medium)
CWE
- cwe-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 |
Affected:
Android13/Android14
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sc7731e",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android13"
},
{
"status": "affected",
"version": "android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sc9832e",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android13"
},
{
"status": "affected",
"version": "android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sc9863a",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android13"
},
{
"status": "affected",
"version": "android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t310",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android13"
},
{
"status": "affected",
"version": "android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t606",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android13"
},
{
"status": "affected",
"version": "android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t612",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android13"
},
{
"status": "affected",
"version": "android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t616",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android13"
},
{
"status": "affected",
"version": "android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t610",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android13"
},
{
"status": "affected",
"version": "android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t618",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android13"
},
{
"status": "affected",
"version": "android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t760",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android13"
},
{
"status": "affected",
"version": "android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t770",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android13"
},
{
"status": "affected",
"version": "android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t820",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android13"
},
{
"status": "affected",
"version": "android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "s8000",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android13"
},
{
"status": "affected",
"version": "android14"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39438",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-09T18:35:42.803689Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-09T18:52:15.994Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android13/Android14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In linkturbonative service, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "cwe-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-09T06:43:29.015Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1843898270204624897"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2024-39438",
"datePublished": "2024-10-09T06:43:29.015Z",
"dateReserved": "2024-06-25T06:13:32.360Z",
"dateUpdated": "2024-10-09T18:52:15.994Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-39437 (GCVE-0-2024-39437)
Vulnerability from nvd – Published: 2024-10-09 06:43 – Updated: 2024-10-09 21:55
VLAI?
Summary
In linkturbonative service, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed.
Severity ?
6.5 (Medium)
CWE
- cwe-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 |
Affected:
Android13/Android14
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:unisoc:s8000:*:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t760:*:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t770:*:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t820:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "t820",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android_13"
},
{
"status": "affected",
"version": "android_14"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39437",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-09T21:53:32.597384Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-09T21:55:01.418Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android13/Android14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In linkturbonative service, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "cwe-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-09T06:43:28.078Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1843898270204624897"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2024-39437",
"datePublished": "2024-10-09T06:43:28.078Z",
"dateReserved": "2024-06-25T06:13:32.360Z",
"dateUpdated": "2024-10-09T21:55:01.418Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-39436 (GCVE-0-2024-39436)
Vulnerability from nvd – Published: 2024-10-09 06:43 – Updated: 2024-10-09 21:53
VLAI?
Summary
In linkturbonative service, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed.
Severity ?
6.5 (Medium)
CWE
- cwe-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 |
Affected:
Android13/Android14
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:unisoc:s8000:*:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t760:*:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t770:*:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t820:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "t820",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android_13"
},
{
"status": "affected",
"version": "android_14"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39436",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-09T21:41:00.434575Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-09T21:53:14.786Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android13/Android14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In linkturbonative service, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "cwe-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-09T06:43:27.037Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1843898270204624897"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2024-39436",
"datePublished": "2024-10-09T06:43:27.037Z",
"dateReserved": "2024-06-25T06:13:32.359Z",
"dateUpdated": "2024-10-09T21:53:14.786Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-39435 (GCVE-0-2024-39435)
Vulnerability from nvd – Published: 2024-09-27 07:37 – Updated: 2024-09-27 15:34
VLAI?
Summary
In Logmanager service, there is a possible missing verification incorrect input. This could lead to local escalation of privilege with no additional execution privileges needed.
Severity ?
6.5 (Medium)
CWE
- cwe-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 |
Affected:
Android12/Android13/Android14
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:unisoc:s8000:*:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t760:*:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t770:*:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t820:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "t820",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android_12"
},
{
"status": "affected",
"version": "android_13"
},
{
"status": "affected",
"version": "android_14"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39435",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-27T15:22:29.003921Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-27T15:34:57.072Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android12/Android13/Android14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Logmanager service, there is a possible missing verification incorrect input. This could lead to local escalation of privilege with no additional execution privileges needed."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "cwe-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-27T07:37:44.941Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1830802995705610241"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2024-39435",
"datePublished": "2024-09-27T07:37:44.941Z",
"dateReserved": "2024-06-25T06:13:32.358Z",
"dateUpdated": "2024-09-27T15:34:57.072Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-39432 (GCVE-0-2024-39432)
Vulnerability from nvd – Published: 2024-09-27 07:37 – Updated: 2024-09-27 15:40
VLAI?
Summary
In UMTS RLC driver, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with System execution privileges needed.
Severity ?
8.3 (High)
CWE
- cwe-121 Stack-based Buffer Overflow
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 |
Affected:
Android12/Android13/Android14
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t760:*:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t770:*:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t820:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "t820",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android_12"
},
{
"status": "affected",
"version": "android_13"
},
{
"status": "affected",
"version": "android_14"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39432",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-27T15:37:32.827650Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-27T15:40:31.593Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android12/Android13/Android14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In UMTS RLC driver, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with System execution privileges needed."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "cwe-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-27T07:37:41.899Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1830802995705610241"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2024-39432",
"datePublished": "2024-09-27T07:37:41.899Z",
"dateReserved": "2024-06-25T06:13:32.358Z",
"dateUpdated": "2024-09-27T15:40:31.593Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-39431 (GCVE-0-2024-39431)
Vulnerability from nvd – Published: 2024-09-27 07:37 – Updated: 2024-09-27 15:42
VLAI?
Summary
In UMTS RLC driver, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with System execution privileges needed.
Severity ?
8.3 (High)
CWE
- cwe-121 Stack-based Buffer Overflow
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 |
Affected:
Android12/Android13/Android14
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:unisoc:s8000:*:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t760:*:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t770:*:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t820:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "t820",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android_12"
},
{
"status": "affected",
"version": "android_13"
},
{
"status": "affected",
"version": "android_14"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39431",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-27T15:41:03.864954Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-27T15:42:50.544Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android12/Android13/Android14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In UMTS RLC driver, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with System execution privileges needed."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "cwe-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-27T07:37:40.908Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1830802995705610241"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2024-39431",
"datePublished": "2024-09-27T07:37:40.908Z",
"dateReserved": "2024-06-25T06:13:32.358Z",
"dateUpdated": "2024-09-27T15:42:50.544Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-39428 (GCVE-0-2024-39428)
Vulnerability from nvd – Published: 2024-07-01 08:40 – Updated: 2024-08-02 04:26
VLAI?
Summary
In trusty service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
Severity ?
6.8 (Medium)
CWE
- cwe-787 Out-of-bounds Write
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 |
Affected:
Android12/Android13/Android14
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39428",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-01T20:53:20.461642Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-01T20:53:31.436Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:26:15.425Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1807576926177525762"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android12/Android13/Android14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In trusty service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "cwe-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-01T08:40:57.909Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1807576926177525762"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2024-39428",
"datePublished": "2024-07-01T08:40:57.909Z",
"dateReserved": "2024-06-25T06:13:32.357Z",
"dateUpdated": "2024-08-02T04:26:15.425Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-39427 (GCVE-0-2024-39427)
Vulnerability from nvd – Published: 2024-07-01 08:40 – Updated: 2024-08-02 04:26
VLAI?
Summary
In trusty service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
Severity ?
5.1 (Medium)
CWE
- cwe-787 Out-of-bounds Write
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 |
Affected:
Android12/Android13/Android14
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39427",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-01T20:44:18.408928Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-01T20:44:25.958Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:26:14.285Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1807576926177525762"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android12/Android13/Android14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In trusty service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "cwe-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-01T08:40:56.972Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1807576926177525762"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2024-39427",
"datePublished": "2024-07-01T08:40:56.972Z",
"dateReserved": "2024-06-25T06:13:32.357Z",
"dateUpdated": "2024-08-02T04:26:14.285Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-23658 (GCVE-0-2024-23658)
Vulnerability from nvd – Published: 2024-04-08 02:21 – Updated: 2024-10-27 13:30
VLAI?
Summary
In camera driver, there is a possible use after free due to a logic error. This could lead to local denial of service with System execution privileges needed
Severity ?
4.4 (Medium)
CWE
- CWE-416 - Use After Free
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 |
Affected:
Android12/Android13/Android14
|
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-23658",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-17T14:30:56.019128Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-27T13:30:07.593Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:06:25.340Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android12/Android13/Android14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In camera driver, there is a possible use after free due to a logic error. This could lead to local denial of service with System execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2024-04-08T02:21:17.943Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2024-23658",
"datePublished": "2024-04-08T02:21:17.943Z",
"dateReserved": "2024-01-19T02:58:30.137Z",
"dateUpdated": "2024-10-27T13:30:07.593Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-52536 (GCVE-0-2023-52536)
Vulnerability from nvd – Published: 2024-04-08 02:21 – Updated: 2025-03-26 20:26
VLAI?
Summary
In faceid service, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
Severity ?
4.4 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 |
Affected:
Android12/Android13/Android14
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:03:20.802Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777148475750809602"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-52536",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-22T16:45:38.933653Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-26T20:26:39.654Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android12/Android13/Android14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In faceid service, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2024-04-08T02:21:40.495Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777148475750809602"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-52536",
"datePublished": "2024-04-08T02:21:40.495Z",
"dateReserved": "2024-02-26T05:56:52.680Z",
"dateUpdated": "2025-03-26T20:26:39.654Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-52352 (GCVE-0-2023-52352)
Vulnerability from nvd – Published: 2024-04-08 02:21 – Updated: 2025-03-28 19:11
VLAI?
Summary
In Network Adapter Service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges needed
Severity ?
6.2 (Medium)
CWE
- CWE-862 - Missing Authorization
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 |
Affected:
Android13/Android14
|
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-52352",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-09T14:30:36.712418Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-28T19:11:14.459Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:55:41.651Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android13/Android14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Network Adapter Service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2024-04-08T02:21:17.681Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-52352",
"datePublished": "2024-04-08T02:21:17.681Z",
"dateReserved": "2024-01-19T02:58:31.099Z",
"dateUpdated": "2025-03-28T19:11:14.459Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-52351 (GCVE-0-2023-52351)
Vulnerability from nvd – Published: 2024-04-08 02:21 – Updated: 2024-11-05 16:55
VLAI?
Summary
In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
Severity ?
7.8 (High)
CWE
- CWE-787 - Out-of-bounds Write
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 |
Affected:
Android12/Android13/Android14
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:55:41.567Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sc7731e",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android12_android13_android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sc9832e",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android12_android13_android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sc9863a",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android12_android13_android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t310",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android12_android13_android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t606",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android12_android13_android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t612",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android12_android13_android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t616",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android12_android13_android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t610",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android12_android13_android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t618",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android12_android13_android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t760",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android12_android13_android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t770",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android12_android13_android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t820",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android12_android13_android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "s8000",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android12_android13_android14"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-52351",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-01T15:02:14.304772Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-05T16:55:02.465Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android12/Android13/Android14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2024-04-08T02:21:17.415Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-52351",
"datePublished": "2024-04-08T02:21:17.415Z",
"dateReserved": "2024-01-19T02:58:31.099Z",
"dateUpdated": "2024-11-05T16:55:02.465Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-52350 (GCVE-0-2023-52350)
Vulnerability from nvd – Published: 2024-04-08 02:21 – Updated: 2025-03-27 20:36
VLAI?
Summary
In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
Severity ?
5.5 (Medium)
CWE
- CWE-787 - Out-of-bounds Write
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 |
Affected:
Android12/Android13/Android14
|
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-52350",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-08T13:03:32.020840Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-27T20:36:42.973Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:55:41.599Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android12/Android13/Android14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2024-04-08T02:21:17.148Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-52350",
"datePublished": "2024-04-08T02:21:17.148Z",
"dateReserved": "2024-01-19T02:58:31.098Z",
"dateUpdated": "2025-03-27T20:36:42.973Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-52349 (GCVE-0-2023-52349)
Vulnerability from nvd – Published: 2024-04-08 02:21 – Updated: 2025-03-28 19:15
VLAI?
Summary
In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
Severity ?
5.6 (Medium)
CWE
- CWE-787 - Out-of-bounds Write
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 |
Affected:
Android12/Android13/Android14
|
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-52349",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-09T14:26:50.461773Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-28T19:15:28.412Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:55:41.501Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android12/Android13/Android14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2024-04-08T02:21:16.875Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-52349",
"datePublished": "2024-04-08T02:21:16.875Z",
"dateReserved": "2024-01-19T02:58:31.098Z",
"dateUpdated": "2025-03-28T19:15:28.412Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-52348 (GCVE-0-2023-52348)
Vulnerability from nvd – Published: 2024-04-08 02:21 – Updated: 2024-11-19 21:31
VLAI?
Summary
In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
Severity ?
4.4 (Medium)
CWE
- CWE-787 - Out-of-bounds Write
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 |
Affected:
Android12/Android13/Android14
|
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-52348",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-16T19:41:10.773102Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-19T21:31:04.308Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:55:41.481Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android12/Android13/Android14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2024-04-08T02:21:16.603Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-52348",
"datePublished": "2024-04-08T02:21:16.603Z",
"dateReserved": "2024-01-19T02:58:31.098Z",
"dateUpdated": "2024-11-19T21:31:04.308Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-52347 (GCVE-0-2023-52347)
Vulnerability from nvd – Published: 2024-04-08 02:21 – Updated: 2024-11-01 14:55
VLAI?
Summary
In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
Severity ?
5.5 (Medium)
CWE
- CWE-787 - Out-of-bounds Write
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 |
Affected:
Android12/Android13/Android14
|
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-52347",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-09T14:24:55.345349Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-01T14:55:33.683Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:55:41.609Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android12/Android13/Android14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2024-04-08T02:21:16.328Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-52347",
"datePublished": "2024-04-08T02:21:16.328Z",
"dateReserved": "2024-01-19T02:58:31.098Z",
"dateUpdated": "2024-11-01T14:55:33.683Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-52346 (GCVE-0-2023-52346)
Vulnerability from nvd – Published: 2024-04-08 02:21 – Updated: 2024-11-04 17:31
VLAI?
Summary
In modem driver, there is a possible system crash due to improper input validation. This could lead to local information disclosure with System execution privileges needed
Severity ?
4.4 (Medium)
CWE
- CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 |
Affected:
Android12/Android13/Android14
|
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-52346",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-08T16:05:36.855182Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-04T17:31:44.800Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:55:41.562Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android12/Android13/Android14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In modem driver, there is a possible system crash due to improper input validation. This could lead to local information disclosure with System execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2024-04-08T02:21:16.048Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-52346",
"datePublished": "2024-04-08T02:21:16.048Z",
"dateReserved": "2024-01-19T02:58:31.098Z",
"dateUpdated": "2024-11-04T17:31:44.800Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-52345 (GCVE-0-2023-52345)
Vulnerability from nvd – Published: 2024-04-08 02:21 – Updated: 2024-12-03 16:58
VLAI?
Summary
In modem driver, there is a possible system crash due to improper input validation. This could lead to local information disclosure with System execution privileges needed
Severity ?
6 (Medium)
CWE
- CWE-922 - Insecure Storage of Sensitive Information
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 |
Affected:
Android12/Android13/Android14
|
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-52345",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-31T18:11:54.730765Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-922",
"description": "CWE-922 Insecure Storage of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-03T16:58:54.933Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:55:41.688Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android12/Android13/Android14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In modem driver, there is a possible system crash due to improper input validation. This could lead to local information disclosure with System execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2024-04-08T02:21:15.765Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-52345",
"datePublished": "2024-04-08T02:21:15.765Z",
"dateReserved": "2024-01-19T02:58:31.098Z",
"dateUpdated": "2024-12-03T16:58:54.933Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-39438 (GCVE-0-2024-39438)
Vulnerability from cvelistv5 – Published: 2024-10-09 06:43 – Updated: 2024-10-09 18:52
VLAI?
Summary
In linkturbonative service, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed.
Severity ?
6.5 (Medium)
CWE
- cwe-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 |
Affected:
Android13/Android14
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sc7731e",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android13"
},
{
"status": "affected",
"version": "android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sc9832e",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android13"
},
{
"status": "affected",
"version": "android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sc9863a",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android13"
},
{
"status": "affected",
"version": "android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t310",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android13"
},
{
"status": "affected",
"version": "android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t606",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android13"
},
{
"status": "affected",
"version": "android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t612",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android13"
},
{
"status": "affected",
"version": "android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t616",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android13"
},
{
"status": "affected",
"version": "android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t610",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android13"
},
{
"status": "affected",
"version": "android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t618",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android13"
},
{
"status": "affected",
"version": "android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t760",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android13"
},
{
"status": "affected",
"version": "android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t770",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android13"
},
{
"status": "affected",
"version": "android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t820",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android13"
},
{
"status": "affected",
"version": "android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "s8000",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android13"
},
{
"status": "affected",
"version": "android14"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39438",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-09T18:35:42.803689Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-09T18:52:15.994Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android13/Android14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In linkturbonative service, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "cwe-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-09T06:43:29.015Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1843898270204624897"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2024-39438",
"datePublished": "2024-10-09T06:43:29.015Z",
"dateReserved": "2024-06-25T06:13:32.360Z",
"dateUpdated": "2024-10-09T18:52:15.994Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-39437 (GCVE-0-2024-39437)
Vulnerability from cvelistv5 – Published: 2024-10-09 06:43 – Updated: 2024-10-09 21:55
VLAI?
Summary
In linkturbonative service, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed.
Severity ?
6.5 (Medium)
CWE
- cwe-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 |
Affected:
Android13/Android14
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:unisoc:s8000:*:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t760:*:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t770:*:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t820:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "t820",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android_13"
},
{
"status": "affected",
"version": "android_14"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39437",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-09T21:53:32.597384Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-09T21:55:01.418Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android13/Android14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In linkturbonative service, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "cwe-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-09T06:43:28.078Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1843898270204624897"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2024-39437",
"datePublished": "2024-10-09T06:43:28.078Z",
"dateReserved": "2024-06-25T06:13:32.360Z",
"dateUpdated": "2024-10-09T21:55:01.418Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-39436 (GCVE-0-2024-39436)
Vulnerability from cvelistv5 – Published: 2024-10-09 06:43 – Updated: 2024-10-09 21:53
VLAI?
Summary
In linkturbonative service, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed.
Severity ?
6.5 (Medium)
CWE
- cwe-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 |
Affected:
Android13/Android14
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:unisoc:s8000:*:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t760:*:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t770:*:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t820:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "t820",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android_13"
},
{
"status": "affected",
"version": "android_14"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39436",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-09T21:41:00.434575Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-09T21:53:14.786Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android13/Android14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In linkturbonative service, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "cwe-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-09T06:43:27.037Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1843898270204624897"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2024-39436",
"datePublished": "2024-10-09T06:43:27.037Z",
"dateReserved": "2024-06-25T06:13:32.359Z",
"dateUpdated": "2024-10-09T21:53:14.786Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-39435 (GCVE-0-2024-39435)
Vulnerability from cvelistv5 – Published: 2024-09-27 07:37 – Updated: 2024-09-27 15:34
VLAI?
Summary
In Logmanager service, there is a possible missing verification incorrect input. This could lead to local escalation of privilege with no additional execution privileges needed.
Severity ?
6.5 (Medium)
CWE
- cwe-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 |
Affected:
Android12/Android13/Android14
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:unisoc:s8000:*:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t760:*:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t770:*:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t820:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "t820",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android_12"
},
{
"status": "affected",
"version": "android_13"
},
{
"status": "affected",
"version": "android_14"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39435",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-27T15:22:29.003921Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-27T15:34:57.072Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android12/Android13/Android14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Logmanager service, there is a possible missing verification incorrect input. This could lead to local escalation of privilege with no additional execution privileges needed."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "cwe-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-27T07:37:44.941Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1830802995705610241"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2024-39435",
"datePublished": "2024-09-27T07:37:44.941Z",
"dateReserved": "2024-06-25T06:13:32.358Z",
"dateUpdated": "2024-09-27T15:34:57.072Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-39432 (GCVE-0-2024-39432)
Vulnerability from cvelistv5 – Published: 2024-09-27 07:37 – Updated: 2024-09-27 15:40
VLAI?
Summary
In UMTS RLC driver, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with System execution privileges needed.
Severity ?
8.3 (High)
CWE
- cwe-121 Stack-based Buffer Overflow
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 |
Affected:
Android12/Android13/Android14
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t760:*:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t770:*:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t820:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "t820",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android_12"
},
{
"status": "affected",
"version": "android_13"
},
{
"status": "affected",
"version": "android_14"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39432",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-27T15:37:32.827650Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-27T15:40:31.593Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android12/Android13/Android14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In UMTS RLC driver, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with System execution privileges needed."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "cwe-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-27T07:37:41.899Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1830802995705610241"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2024-39432",
"datePublished": "2024-09-27T07:37:41.899Z",
"dateReserved": "2024-06-25T06:13:32.358Z",
"dateUpdated": "2024-09-27T15:40:31.593Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-39431 (GCVE-0-2024-39431)
Vulnerability from cvelistv5 – Published: 2024-09-27 07:37 – Updated: 2024-09-27 15:42
VLAI?
Summary
In UMTS RLC driver, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with System execution privileges needed.
Severity ?
8.3 (High)
CWE
- cwe-121 Stack-based Buffer Overflow
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 |
Affected:
Android12/Android13/Android14
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:unisoc:s8000:*:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t760:*:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t770:*:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t820:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "t820",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android_12"
},
{
"status": "affected",
"version": "android_13"
},
{
"status": "affected",
"version": "android_14"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39431",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-27T15:41:03.864954Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-27T15:42:50.544Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android12/Android13/Android14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In UMTS RLC driver, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with System execution privileges needed."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "cwe-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-27T07:37:40.908Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1830802995705610241"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2024-39431",
"datePublished": "2024-09-27T07:37:40.908Z",
"dateReserved": "2024-06-25T06:13:32.358Z",
"dateUpdated": "2024-09-27T15:42:50.544Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-39428 (GCVE-0-2024-39428)
Vulnerability from cvelistv5 – Published: 2024-07-01 08:40 – Updated: 2024-08-02 04:26
VLAI?
Summary
In trusty service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
Severity ?
6.8 (Medium)
CWE
- cwe-787 Out-of-bounds Write
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 |
Affected:
Android12/Android13/Android14
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39428",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-01T20:53:20.461642Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-01T20:53:31.436Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:26:15.425Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1807576926177525762"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android12/Android13/Android14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In trusty service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "cwe-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-01T08:40:57.909Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1807576926177525762"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2024-39428",
"datePublished": "2024-07-01T08:40:57.909Z",
"dateReserved": "2024-06-25T06:13:32.357Z",
"dateUpdated": "2024-08-02T04:26:15.425Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-39427 (GCVE-0-2024-39427)
Vulnerability from cvelistv5 – Published: 2024-07-01 08:40 – Updated: 2024-08-02 04:26
VLAI?
Summary
In trusty service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
Severity ?
5.1 (Medium)
CWE
- cwe-787 Out-of-bounds Write
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 |
Affected:
Android12/Android13/Android14
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39427",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-01T20:44:18.408928Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-01T20:44:25.958Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:26:14.285Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1807576926177525762"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android12/Android13/Android14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In trusty service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "cwe-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-01T08:40:56.972Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1807576926177525762"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2024-39427",
"datePublished": "2024-07-01T08:40:56.972Z",
"dateReserved": "2024-06-25T06:13:32.357Z",
"dateUpdated": "2024-08-02T04:26:14.285Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-52536 (GCVE-0-2023-52536)
Vulnerability from cvelistv5 – Published: 2024-04-08 02:21 – Updated: 2025-03-26 20:26
VLAI?
Summary
In faceid service, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
Severity ?
4.4 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 |
Affected:
Android12/Android13/Android14
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:03:20.802Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777148475750809602"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-52536",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-22T16:45:38.933653Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-26T20:26:39.654Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android12/Android13/Android14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In faceid service, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2024-04-08T02:21:40.495Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777148475750809602"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-52536",
"datePublished": "2024-04-08T02:21:40.495Z",
"dateReserved": "2024-02-26T05:56:52.680Z",
"dateUpdated": "2025-03-26T20:26:39.654Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-23658 (GCVE-0-2024-23658)
Vulnerability from cvelistv5 – Published: 2024-04-08 02:21 – Updated: 2024-10-27 13:30
VLAI?
Summary
In camera driver, there is a possible use after free due to a logic error. This could lead to local denial of service with System execution privileges needed
Severity ?
4.4 (Medium)
CWE
- CWE-416 - Use After Free
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 |
Affected:
Android12/Android13/Android14
|
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-23658",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-17T14:30:56.019128Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-27T13:30:07.593Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:06:25.340Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android12/Android13/Android14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In camera driver, there is a possible use after free due to a logic error. This could lead to local denial of service with System execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2024-04-08T02:21:17.943Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2024-23658",
"datePublished": "2024-04-08T02:21:17.943Z",
"dateReserved": "2024-01-19T02:58:30.137Z",
"dateUpdated": "2024-10-27T13:30:07.593Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-52352 (GCVE-0-2023-52352)
Vulnerability from cvelistv5 – Published: 2024-04-08 02:21 – Updated: 2025-03-28 19:11
VLAI?
Summary
In Network Adapter Service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges needed
Severity ?
6.2 (Medium)
CWE
- CWE-862 - Missing Authorization
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 |
Affected:
Android13/Android14
|
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-52352",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-09T14:30:36.712418Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-28T19:11:14.459Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:55:41.651Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android13/Android14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Network Adapter Service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2024-04-08T02:21:17.681Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-52352",
"datePublished": "2024-04-08T02:21:17.681Z",
"dateReserved": "2024-01-19T02:58:31.099Z",
"dateUpdated": "2025-03-28T19:11:14.459Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-52351 (GCVE-0-2023-52351)
Vulnerability from cvelistv5 – Published: 2024-04-08 02:21 – Updated: 2024-11-05 16:55
VLAI?
Summary
In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
Severity ?
7.8 (High)
CWE
- CWE-787 - Out-of-bounds Write
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 |
Affected:
Android12/Android13/Android14
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:55:41.567Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sc7731e",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android12_android13_android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sc9832e",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android12_android13_android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sc9863a",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android12_android13_android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t310",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android12_android13_android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t606",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android12_android13_android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t612",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android12_android13_android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t616",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android12_android13_android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t610",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android12_android13_android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t618",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android12_android13_android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t760",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android12_android13_android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t770",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android12_android13_android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t820",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android12_android13_android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "s8000",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android12_android13_android14"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-52351",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-01T15:02:14.304772Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-05T16:55:02.465Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android12/Android13/Android14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2024-04-08T02:21:17.415Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-52351",
"datePublished": "2024-04-08T02:21:17.415Z",
"dateReserved": "2024-01-19T02:58:31.099Z",
"dateUpdated": "2024-11-05T16:55:02.465Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}