Search

Find a vulnerability

Search criteria

    326 vulnerabilities found for SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 by Unisoc (Shanghai) Technologies Co., Ltd.

    CVE-2024-39438 (GCVE-0-2024-39438)

    Vulnerability from nvd – Published: 2024-10-09 06:43 – Updated: 2024-10-09 18:52
    VLAI
    Summary
    In linkturbonative service, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • cwe-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')
    Assigner
    Impacted products
    Vendor Product Version
    Unisoc (Shanghai) Technologies Co., Ltd. SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 Affected: Android13/Android14
    Create a notification for this product.
    unisoc sc7731e Affected: android13
    Affected: android14
        cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*
    Create a notification for this product.
    unisoc sc9832e Affected: android13
    Affected: android14
        cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*
    Create a notification for this product.
    unisoc sc9863a Affected: android13
    Affected: android14
        cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*
    Create a notification for this product.
    unisoc t310 Affected: android13
    Affected: android14
        cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*
    Create a notification for this product.
    unisoc t606 Affected: android13
    Affected: android14
        cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*
    Create a notification for this product.
    unisoc t612 Affected: android13
    Affected: android14
        cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*
    Create a notification for this product.
    unisoc t616 Affected: android13
    Affected: android14
        cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*
    Create a notification for this product.
    unisoc t610 Affected: android13
    Affected: android14
        cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*
    Create a notification for this product.
    unisoc t618 Affected: android13
    Affected: android14
        cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*
    Create a notification for this product.
    unisoc t760 Affected: android13
    Affected: android14
        cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*
    Create a notification for this product.
    unisoc t770 Affected: android13
    Affected: android14
        cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*
    Create a notification for this product.
    unisoc t820 Affected: android13
    Affected: android14
        cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*
    Create a notification for this product.
    unisoc s8000 Affected: android13
    Affected: android14
        cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sc7731e",
                "vendor": "unisoc",
                "versions": [
                  {
                    "status": "affected",
                    "version": "android13"
                  },
                  {
                    "status": "affected",
                    "version": "android14"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sc9832e",
                "vendor": "unisoc",
                "versions": [
                  {
                    "status": "affected",
                    "version": "android13"
                  },
                  {
                    "status": "affected",
                    "version": "android14"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sc9863a",
                "vendor": "unisoc",
                "versions": [
                  {
                    "status": "affected",
                    "version": "android13"
                  },
                  {
                    "status": "affected",
                    "version": "android14"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "t310",
                "vendor": "unisoc",
                "versions": [
                  {
                    "status": "affected",
                    "version": "android13"
                  },
                  {
                    "status": "affected",
                    "version": "android14"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "t606",
                "vendor": "unisoc",
                "versions": [
                  {
                    "status": "affected",
                    "version": "android13"
                  },
                  {
                    "status": "affected",
                    "version": "android14"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "t612",
                "vendor": "unisoc",
                "versions": [
                  {
                    "status": "affected",
                    "version": "android13"
                  },
                  {
                    "status": "affected",
                    "version": "android14"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "t616",
                "vendor": "unisoc",
                "versions": [
                  {
                    "status": "affected",
                    "version": "android13"
                  },
                  {
                    "status": "affected",
                    "version": "android14"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "t610",
                "vendor": "unisoc",
                "versions": [
                  {
                    "status": "affected",
                    "version": "android13"
                  },
                  {
                    "status": "affected",
                    "version": "android14"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "t618",
                "vendor": "unisoc",
                "versions": [
                  {
                    "status": "affected",
                    "version": "android13"
                  },
                  {
                    "status": "affected",
                    "version": "android14"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "t760",
                "vendor": "unisoc",
                "versions": [
                  {
                    "status": "affected",
                    "version": "android13"
                  },
                  {
                    "status": "affected",
                    "version": "android14"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "t770",
                "vendor": "unisoc",
                "versions": [
                  {
                    "status": "affected",
                    "version": "android13"
                  },
                  {
                    "status": "affected",
                    "version": "android14"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "t820",
                "vendor": "unisoc",
                "versions": [
                  {
                    "status": "affected",
                    "version": "android13"
                  },
                  {
                    "status": "affected",
                    "version": "android14"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "s8000",
                "vendor": "unisoc",
                "versions": [
                  {
                    "status": "affected",
                    "version": "android13"
                  },
                  {
                    "status": "affected",
                    "version": "android14"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-39438",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-09T18:35:42.803689Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-09T18:52:15.994Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
              "vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android13/Android14"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In linkturbonative service, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "cwe-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-10-09T06:43:29.015Z",
            "orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
            "shortName": "Unisoc"
          },
          "references": [
            {
              "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1843898270204624897"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
        "assignerShortName": "Unisoc",
        "cveId": "CVE-2024-39438",
        "datePublished": "2024-10-09T06:43:29.015Z",
        "dateReserved": "2024-06-25T06:13:32.360Z",
        "dateUpdated": "2024-10-09T18:52:15.994Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-39437 (GCVE-0-2024-39437)

    Vulnerability from nvd – Published: 2024-10-09 06:43 – Updated: 2024-10-09 21:55
    VLAI
    Summary
    In linkturbonative service, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • cwe-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')
    Assigner
    Impacted products
    Vendor Product Version
    Unisoc (Shanghai) Technologies Co., Ltd. SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 Affected: Android13/Android14
    Create a notification for this product.
    unisoc t820 Affected: android_13
    Affected: android_14
        cpe:2.3:h:unisoc:s8000:*:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t760:*:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t770:*:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t820:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:unisoc:s8000:*:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t760:*:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t770:*:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t820:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "t820",
                "vendor": "unisoc",
                "versions": [
                  {
                    "status": "affected",
                    "version": "android_13"
                  },
                  {
                    "status": "affected",
                    "version": "android_14"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-39437",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-09T21:53:32.597384Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-09T21:55:01.418Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
              "vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android13/Android14"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In linkturbonative service, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "cwe-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-10-09T06:43:28.078Z",
            "orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
            "shortName": "Unisoc"
          },
          "references": [
            {
              "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1843898270204624897"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
        "assignerShortName": "Unisoc",
        "cveId": "CVE-2024-39437",
        "datePublished": "2024-10-09T06:43:28.078Z",
        "dateReserved": "2024-06-25T06:13:32.360Z",
        "dateUpdated": "2024-10-09T21:55:01.418Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-39436 (GCVE-0-2024-39436)

    Vulnerability from nvd – Published: 2024-10-09 06:43 – Updated: 2024-10-09 21:53
    VLAI
    Summary
    In linkturbonative service, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • cwe-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')
    Assigner
    Impacted products
    Vendor Product Version
    Unisoc (Shanghai) Technologies Co., Ltd. SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 Affected: Android13/Android14
    Create a notification for this product.
    unisoc t820 Affected: android_13
    Affected: android_14
        cpe:2.3:h:unisoc:s8000:*:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t760:*:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t770:*:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t820:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:unisoc:s8000:*:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t760:*:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t770:*:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t820:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "t820",
                "vendor": "unisoc",
                "versions": [
                  {
                    "status": "affected",
                    "version": "android_13"
                  },
                  {
                    "status": "affected",
                    "version": "android_14"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-39436",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-09T21:41:00.434575Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-09T21:53:14.786Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
              "vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android13/Android14"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In linkturbonative service, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "cwe-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-10-09T06:43:27.037Z",
            "orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
            "shortName": "Unisoc"
          },
          "references": [
            {
              "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1843898270204624897"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
        "assignerShortName": "Unisoc",
        "cveId": "CVE-2024-39436",
        "datePublished": "2024-10-09T06:43:27.037Z",
        "dateReserved": "2024-06-25T06:13:32.359Z",
        "dateUpdated": "2024-10-09T21:53:14.786Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-39435 (GCVE-0-2024-39435)

    Vulnerability from nvd – Published: 2024-09-27 07:37 – Updated: 2024-09-27 15:34
    VLAI
    Summary
    In Logmanager service, there is a possible missing verification incorrect input. This could lead to local escalation of privilege with no additional execution privileges needed.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • cwe-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')
    Assigner
    Impacted products
    Vendor Product Version
    Unisoc (Shanghai) Technologies Co., Ltd. SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 Affected: Android12/Android13/Android14
    Create a notification for this product.
    unisoc t820 Affected: android_12
    Affected: android_13
    Affected: android_14
        cpe:2.3:h:unisoc:s8000:*:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t760:*:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t770:*:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t820:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:unisoc:s8000:*:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t760:*:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t770:*:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t820:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "t820",
                "vendor": "unisoc",
                "versions": [
                  {
                    "status": "affected",
                    "version": "android_12"
                  },
                  {
                    "status": "affected",
                    "version": "android_13"
                  },
                  {
                    "status": "affected",
                    "version": "android_14"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-39435",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-27T15:22:29.003921Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-27T15:34:57.072Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
              "vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android12/Android13/Android14"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In Logmanager service, there is a possible missing verification incorrect input. This could lead to local escalation of privilege with no additional execution privileges needed."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "cwe-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-09-27T07:37:44.941Z",
            "orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
            "shortName": "Unisoc"
          },
          "references": [
            {
              "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1830802995705610241"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
        "assignerShortName": "Unisoc",
        "cveId": "CVE-2024-39435",
        "datePublished": "2024-09-27T07:37:44.941Z",
        "dateReserved": "2024-06-25T06:13:32.358Z",
        "dateUpdated": "2024-09-27T15:34:57.072Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-39432 (GCVE-0-2024-39432)

    Vulnerability from nvd – Published: 2024-09-27 07:37 – Updated: 2024-09-27 15:40
    VLAI
    Summary
    In UMTS RLC driver, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with System execution privileges needed.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • cwe-121 Stack-based Buffer Overflow
    Assigner
    Impacted products
    Vendor Product Version
    Unisoc (Shanghai) Technologies Co., Ltd. SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 Affected: Android12/Android13/Android14
    Create a notification for this product.
    unisoc t820 Affected: android_12
    Affected: android_13
    Affected: android_14
        cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t760:*:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t770:*:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t820:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t760:*:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t770:*:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t820:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "t820",
                "vendor": "unisoc",
                "versions": [
                  {
                    "status": "affected",
                    "version": "android_12"
                  },
                  {
                    "status": "affected",
                    "version": "android_13"
                  },
                  {
                    "status": "affected",
                    "version": "android_14"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-39432",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-27T15:37:32.827650Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-27T15:40:31.593Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
              "vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android12/Android13/Android14"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In UMTS RLC driver, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with System execution privileges needed."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 8.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "cwe-121 Stack-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-09-27T07:37:41.899Z",
            "orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
            "shortName": "Unisoc"
          },
          "references": [
            {
              "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1830802995705610241"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
        "assignerShortName": "Unisoc",
        "cveId": "CVE-2024-39432",
        "datePublished": "2024-09-27T07:37:41.899Z",
        "dateReserved": "2024-06-25T06:13:32.358Z",
        "dateUpdated": "2024-09-27T15:40:31.593Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-39431 (GCVE-0-2024-39431)

    Vulnerability from nvd – Published: 2024-09-27 07:37 – Updated: 2024-09-27 15:42
    VLAI
    Summary
    In UMTS RLC driver, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with System execution privileges needed.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • cwe-121 Stack-based Buffer Overflow
    Assigner
    Impacted products
    Vendor Product Version
    Unisoc (Shanghai) Technologies Co., Ltd. SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 Affected: Android12/Android13/Android14
    Create a notification for this product.
    unisoc t820 Affected: android_12
    Affected: android_13
    Affected: android_14
        cpe:2.3:h:unisoc:s8000:*:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t760:*:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t770:*:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t820:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:unisoc:s8000:*:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t760:*:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t770:*:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t820:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "t820",
                "vendor": "unisoc",
                "versions": [
                  {
                    "status": "affected",
                    "version": "android_12"
                  },
                  {
                    "status": "affected",
                    "version": "android_13"
                  },
                  {
                    "status": "affected",
                    "version": "android_14"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-39431",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-27T15:41:03.864954Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-27T15:42:50.544Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
              "vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android12/Android13/Android14"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In UMTS RLC driver, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with System execution privileges needed."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 8.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "cwe-121 Stack-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-09-27T07:37:40.908Z",
            "orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
            "shortName": "Unisoc"
          },
          "references": [
            {
              "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1830802995705610241"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
        "assignerShortName": "Unisoc",
        "cveId": "CVE-2024-39431",
        "datePublished": "2024-09-27T07:37:40.908Z",
        "dateReserved": "2024-06-25T06:13:32.358Z",
        "dateUpdated": "2024-09-27T15:42:50.544Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-39428 (GCVE-0-2024-39428)

    Vulnerability from nvd – Published: 2024-07-01 08:40 – Updated: 2024-08-02 04:26
    VLAI
    Summary
    In trusty service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • cwe-787 Out-of-bounds Write
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-39428",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-01T20:53:20.461642Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-01T20:53:31.436Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T04:26:15.425Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1807576926177525762"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
              "vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android12/Android13/Android14"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In trusty service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "cwe-787 Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-07-01T08:40:57.909Z",
            "orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
            "shortName": "Unisoc"
          },
          "references": [
            {
              "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1807576926177525762"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
        "assignerShortName": "Unisoc",
        "cveId": "CVE-2024-39428",
        "datePublished": "2024-07-01T08:40:57.909Z",
        "dateReserved": "2024-06-25T06:13:32.357Z",
        "dateUpdated": "2024-08-02T04:26:15.425Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-39427 (GCVE-0-2024-39427)

    Vulnerability from nvd – Published: 2024-07-01 08:40 – Updated: 2024-08-02 04:26
    VLAI
    Summary
    In trusty service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • cwe-787 Out-of-bounds Write
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-39427",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-01T20:44:18.408928Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-01T20:44:25.958Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T04:26:14.285Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1807576926177525762"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
              "vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android12/Android13/Android14"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In trusty service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 5.1,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "cwe-787 Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-07-01T08:40:56.972Z",
            "orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
            "shortName": "Unisoc"
          },
          "references": [
            {
              "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1807576926177525762"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
        "assignerShortName": "Unisoc",
        "cveId": "CVE-2024-39427",
        "datePublished": "2024-07-01T08:40:56.972Z",
        "dateReserved": "2024-06-25T06:13:32.357Z",
        "dateUpdated": "2024-08-02T04:26:14.285Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-23658 (GCVE-0-2024-23658)

    Vulnerability from nvd – Published: 2024-04-08 02:21 – Updated: 2024-10-27 13:30
    VLAI
    Summary
    In camera driver, there is a possible use after free due to a logic error. This could lead to local denial of service with System execution privileges needed
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 4.4,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "HIGH",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-23658",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-17T14:30:56.019128Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-416",
                    "description": "CWE-416 Use After Free",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-27T13:30:07.593Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T23:06:25.340Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
              "vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android12/Android13/Android14"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In camera driver, there is a possible use after free due to a logic error. This could lead to local denial of service with System execution privileges needed"
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-04-08T02:21:17.943Z",
            "orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
            "shortName": "Unisoc"
          },
          "references": [
            {
              "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
        "assignerShortName": "Unisoc",
        "cveId": "CVE-2024-23658",
        "datePublished": "2024-04-08T02:21:17.943Z",
        "dateReserved": "2024-01-19T02:58:30.137Z",
        "dateUpdated": "2024-10-27T13:30:07.593Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-52536 (GCVE-0-2023-52536)

    Vulnerability from nvd – Published: 2024-04-08 02:21 – Updated: 2025-03-26 20:26
    VLAI
    Summary
    In faceid service, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T23:03:20.802Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777148475750809602"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "LOW",
                  "baseScore": 4.4,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "LOW",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-52536",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-22T16:45:38.933653Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-125",
                    "description": "CWE-125 Out-of-bounds Read",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-26T20:26:39.654Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
              "vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android12/Android13/Android14"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In faceid service, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed"
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-04-08T02:21:40.495Z",
            "orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
            "shortName": "Unisoc"
          },
          "references": [
            {
              "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777148475750809602"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
        "assignerShortName": "Unisoc",
        "cveId": "CVE-2023-52536",
        "datePublished": "2024-04-08T02:21:40.495Z",
        "dateReserved": "2024-02-26T05:56:52.680Z",
        "dateUpdated": "2025-03-26T20:26:39.654Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-52352 (GCVE-0-2023-52352)

    Vulnerability from nvd – Published: 2024-04-08 02:21 – Updated: 2025-03-28 19:11
    VLAI
    Summary
    In Network Adapter Service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges needed
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 6.2,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-52352",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-04-09T14:30:36.712418Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-862",
                    "description": "CWE-862 Missing Authorization",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-28T19:11:14.459Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T22:55:41.651Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
              "vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android13/Android14"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In Network Adapter Service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges needed"
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-04-08T02:21:17.681Z",
            "orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
            "shortName": "Unisoc"
          },
          "references": [
            {
              "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
        "assignerShortName": "Unisoc",
        "cveId": "CVE-2023-52352",
        "datePublished": "2024-04-08T02:21:17.681Z",
        "dateReserved": "2024-01-19T02:58:31.099Z",
        "dateUpdated": "2025-03-28T19:11:14.459Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-52351 (GCVE-0-2023-52351)

    Vulnerability from nvd – Published: 2024-04-08 02:21 – Updated: 2024-11-05 16:55
    VLAI
    Summary
    In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Unisoc (Shanghai) Technologies Co., Ltd. SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 Affected: Android12/Android13/Android14
    Create a notification for this product.
    unisoc sc7731e Affected: android12_android13_android14
        cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*
    Create a notification for this product.
    unisoc sc9832e Affected: android12_android13_android14
        cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*
    Create a notification for this product.
    unisoc sc9863a Affected: android12_android13_android14
        cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*
    Create a notification for this product.
    unisoc t310 Affected: android12_android13_android14
        cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*
    Create a notification for this product.
    unisoc t606 Affected: android12_android13_android14
        cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*
    Create a notification for this product.
    unisoc t612 Affected: android12_android13_android14
        cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*
    Create a notification for this product.
    unisoc t616 Affected: android12_android13_android14
        cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*
    Create a notification for this product.
    unisoc t610 Affected: android12_android13_android14
        cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*
    Create a notification for this product.
    unisoc t618 Affected: android12_android13_android14
        cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*
    Create a notification for this product.
    unisoc t760 Affected: android12_android13_android14
        cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*
    Create a notification for this product.
    unisoc t770 Affected: android12_android13_android14
        cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*
    Create a notification for this product.
    unisoc t820 Affected: android12_android13_android14
        cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*
    Create a notification for this product.
    unisoc s8000 Affected: android12_android13_android14
        cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T22:55:41.567Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sc7731e",
                "vendor": "unisoc",
                "versions": [
                  {
                    "status": "affected",
                    "version": "android12_android13_android14"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sc9832e",
                "vendor": "unisoc",
                "versions": [
                  {
                    "status": "affected",
                    "version": "android12_android13_android14"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sc9863a",
                "vendor": "unisoc",
                "versions": [
                  {
                    "status": "affected",
                    "version": "android12_android13_android14"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "t310",
                "vendor": "unisoc",
                "versions": [
                  {
                    "status": "affected",
                    "version": "android12_android13_android14"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "t606",
                "vendor": "unisoc",
                "versions": [
                  {
                    "status": "affected",
                    "version": "android12_android13_android14"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "t612",
                "vendor": "unisoc",
                "versions": [
                  {
                    "status": "affected",
                    "version": "android12_android13_android14"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "t616",
                "vendor": "unisoc",
                "versions": [
                  {
                    "status": "affected",
                    "version": "android12_android13_android14"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "t610",
                "vendor": "unisoc",
                "versions": [
                  {
                    "status": "affected",
                    "version": "android12_android13_android14"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "t618",
                "vendor": "unisoc",
                "versions": [
                  {
                    "status": "affected",
                    "version": "android12_android13_android14"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "t760",
                "vendor": "unisoc",
                "versions": [
                  {
                    "status": "affected",
                    "version": "android12_android13_android14"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "t770",
                "vendor": "unisoc",
                "versions": [
                  {
                    "status": "affected",
                    "version": "android12_android13_android14"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "t820",
                "vendor": "unisoc",
                "versions": [
                  {
                    "status": "affected",
                    "version": "android12_android13_android14"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "s8000",
                "vendor": "unisoc",
                "versions": [
                  {
                    "status": "affected",
                    "version": "android12_android13_android14"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-52351",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-01T15:02:14.304772Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-787",
                    "description": "CWE-787 Out-of-bounds Write",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-05T16:55:02.465Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
              "vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android12/Android13/Android14"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed"
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-04-08T02:21:17.415Z",
            "orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
            "shortName": "Unisoc"
          },
          "references": [
            {
              "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
        "assignerShortName": "Unisoc",
        "cveId": "CVE-2023-52351",
        "datePublished": "2024-04-08T02:21:17.415Z",
        "dateReserved": "2024-01-19T02:58:31.099Z",
        "dateUpdated": "2024-11-05T16:55:02.465Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-52350 (GCVE-0-2023-52350)

    Vulnerability from nvd – Published: 2024-04-08 02:21 – Updated: 2025-03-27 20:36
    VLAI
    Summary
    In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 5.5,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-52350",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-04-08T13:03:32.020840Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-787",
                    "description": "CWE-787 Out-of-bounds Write",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-27T20:36:42.973Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T22:55:41.599Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
              "vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android12/Android13/Android14"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed"
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-04-08T02:21:17.148Z",
            "orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
            "shortName": "Unisoc"
          },
          "references": [
            {
              "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
        "assignerShortName": "Unisoc",
        "cveId": "CVE-2023-52350",
        "datePublished": "2024-04-08T02:21:17.148Z",
        "dateReserved": "2024-01-19T02:58:31.098Z",
        "dateUpdated": "2025-03-27T20:36:42.973Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-52349 (GCVE-0-2023-52349)

    Vulnerability from nvd – Published: 2024-04-08 02:21 – Updated: 2025-03-28 19:15
    VLAI
    Summary
    In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 5.6,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "LOW",
                  "privilegesRequired": "HIGH",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-52349",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-04-09T14:26:50.461773Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-787",
                    "description": "CWE-787 Out-of-bounds Write",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-28T19:15:28.412Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T22:55:41.501Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
              "vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android12/Android13/Android14"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed"
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-04-08T02:21:16.875Z",
            "orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
            "shortName": "Unisoc"
          },
          "references": [
            {
              "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
        "assignerShortName": "Unisoc",
        "cveId": "CVE-2023-52349",
        "datePublished": "2024-04-08T02:21:16.875Z",
        "dateReserved": "2024-01-19T02:58:31.098Z",
        "dateUpdated": "2025-03-28T19:15:28.412Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-52348 (GCVE-0-2023-52348)

    Vulnerability from nvd – Published: 2024-04-08 02:21 – Updated: 2024-11-19 21:31
    VLAI
    Summary
    In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 4.4,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "HIGH",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-52348",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-16T19:41:10.773102Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-787",
                    "description": "CWE-787 Out-of-bounds Write",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-19T21:31:04.308Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T22:55:41.481Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
              "vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android12/Android13/Android14"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed"
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-04-08T02:21:16.603Z",
            "orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
            "shortName": "Unisoc"
          },
          "references": [
            {
              "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
        "assignerShortName": "Unisoc",
        "cveId": "CVE-2023-52348",
        "datePublished": "2024-04-08T02:21:16.603Z",
        "dateReserved": "2024-01-19T02:58:31.098Z",
        "dateUpdated": "2024-11-19T21:31:04.308Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-52347 (GCVE-0-2023-52347)

    Vulnerability from nvd – Published: 2024-04-08 02:21 – Updated: 2024-11-01 14:55
    VLAI
    Summary
    In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 5.5,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-52347",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-04-09T14:24:55.345349Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-787",
                    "description": "CWE-787 Out-of-bounds Write",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-01T14:55:33.683Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T22:55:41.609Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
              "vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android12/Android13/Android14"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed"
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-04-08T02:21:16.328Z",
            "orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
            "shortName": "Unisoc"
          },
          "references": [
            {
              "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
        "assignerShortName": "Unisoc",
        "cveId": "CVE-2023-52347",
        "datePublished": "2024-04-08T02:21:16.328Z",
        "dateReserved": "2024-01-19T02:58:31.098Z",
        "dateUpdated": "2024-11-01T14:55:33.683Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-52346 (GCVE-0-2023-52346)

    Vulnerability from nvd – Published: 2024-04-08 02:21 – Updated: 2024-11-04 17:31
    VLAI
    Summary
    In modem driver, there is a possible system crash due to improper input validation. This could lead to local information disclosure with System execution privileges needed
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "NONE",
                  "baseScore": 4.4,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "HIGH",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-52346",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-04-08T16:05:36.855182Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-120",
                    "description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-04T17:31:44.800Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T22:55:41.562Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
              "vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android12/Android13/Android14"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In modem driver, there is a possible system crash due to improper input validation. This could lead to local information disclosure with System execution privileges needed"
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-04-08T02:21:16.048Z",
            "orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
            "shortName": "Unisoc"
          },
          "references": [
            {
              "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
        "assignerShortName": "Unisoc",
        "cveId": "CVE-2023-52346",
        "datePublished": "2024-04-08T02:21:16.048Z",
        "dateReserved": "2024-01-19T02:58:31.098Z",
        "dateUpdated": "2024-11-04T17:31:44.800Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-52345 (GCVE-0-2023-52345)

    Vulnerability from nvd – Published: 2024-04-08 02:21 – Updated: 2024-12-03 16:58
    VLAI
    Summary
    In modem driver, there is a possible system crash due to improper input validation. This could lead to local information disclosure with System execution privileges needed
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-922 - Insecure Storage of Sensitive Information
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 6,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "HIGH",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-52345",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-31T18:11:54.730765Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-922",
                    "description": "CWE-922 Insecure Storage of Sensitive Information",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-03T16:58:54.933Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T22:55:41.688Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
              "vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android12/Android13/Android14"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In modem driver, there is a possible system crash due to improper input validation. This could lead to local information disclosure with System execution privileges needed"
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-04-08T02:21:15.765Z",
            "orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
            "shortName": "Unisoc"
          },
          "references": [
            {
              "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
        "assignerShortName": "Unisoc",
        "cveId": "CVE-2023-52345",
        "datePublished": "2024-04-08T02:21:15.765Z",
        "dateReserved": "2024-01-19T02:58:31.098Z",
        "dateUpdated": "2024-12-03T16:58:54.933Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-39438 (GCVE-0-2024-39438)

    Vulnerability from cvelistv5 – Published: 2024-10-09 06:43 – Updated: 2024-10-09 18:52
    VLAI
    Summary
    In linkturbonative service, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • cwe-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')
    Assigner
    Impacted products
    Vendor Product Version
    Unisoc (Shanghai) Technologies Co., Ltd. SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 Affected: Android13/Android14
    Create a notification for this product.
    unisoc sc7731e Affected: android13
    Affected: android14
        cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*
    Create a notification for this product.
    unisoc sc9832e Affected: android13
    Affected: android14
        cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*
    Create a notification for this product.
    unisoc sc9863a Affected: android13
    Affected: android14
        cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*
    Create a notification for this product.
    unisoc t310 Affected: android13
    Affected: android14
        cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*
    Create a notification for this product.
    unisoc t606 Affected: android13
    Affected: android14
        cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*
    Create a notification for this product.
    unisoc t612 Affected: android13
    Affected: android14
        cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*
    Create a notification for this product.
    unisoc t616 Affected: android13
    Affected: android14
        cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*
    Create a notification for this product.
    unisoc t610 Affected: android13
    Affected: android14
        cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*
    Create a notification for this product.
    unisoc t618 Affected: android13
    Affected: android14
        cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*
    Create a notification for this product.
    unisoc t760 Affected: android13
    Affected: android14
        cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*
    Create a notification for this product.
    unisoc t770 Affected: android13
    Affected: android14
        cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*
    Create a notification for this product.
    unisoc t820 Affected: android13
    Affected: android14
        cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*
    Create a notification for this product.
    unisoc s8000 Affected: android13
    Affected: android14
        cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sc7731e",
                "vendor": "unisoc",
                "versions": [
                  {
                    "status": "affected",
                    "version": "android13"
                  },
                  {
                    "status": "affected",
                    "version": "android14"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sc9832e",
                "vendor": "unisoc",
                "versions": [
                  {
                    "status": "affected",
                    "version": "android13"
                  },
                  {
                    "status": "affected",
                    "version": "android14"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sc9863a",
                "vendor": "unisoc",
                "versions": [
                  {
                    "status": "affected",
                    "version": "android13"
                  },
                  {
                    "status": "affected",
                    "version": "android14"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "t310",
                "vendor": "unisoc",
                "versions": [
                  {
                    "status": "affected",
                    "version": "android13"
                  },
                  {
                    "status": "affected",
                    "version": "android14"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "t606",
                "vendor": "unisoc",
                "versions": [
                  {
                    "status": "affected",
                    "version": "android13"
                  },
                  {
                    "status": "affected",
                    "version": "android14"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "t612",
                "vendor": "unisoc",
                "versions": [
                  {
                    "status": "affected",
                    "version": "android13"
                  },
                  {
                    "status": "affected",
                    "version": "android14"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "t616",
                "vendor": "unisoc",
                "versions": [
                  {
                    "status": "affected",
                    "version": "android13"
                  },
                  {
                    "status": "affected",
                    "version": "android14"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "t610",
                "vendor": "unisoc",
                "versions": [
                  {
                    "status": "affected",
                    "version": "android13"
                  },
                  {
                    "status": "affected",
                    "version": "android14"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "t618",
                "vendor": "unisoc",
                "versions": [
                  {
                    "status": "affected",
                    "version": "android13"
                  },
                  {
                    "status": "affected",
                    "version": "android14"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "t760",
                "vendor": "unisoc",
                "versions": [
                  {
                    "status": "affected",
                    "version": "android13"
                  },
                  {
                    "status": "affected",
                    "version": "android14"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "t770",
                "vendor": "unisoc",
                "versions": [
                  {
                    "status": "affected",
                    "version": "android13"
                  },
                  {
                    "status": "affected",
                    "version": "android14"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "t820",
                "vendor": "unisoc",
                "versions": [
                  {
                    "status": "affected",
                    "version": "android13"
                  },
                  {
                    "status": "affected",
                    "version": "android14"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "s8000",
                "vendor": "unisoc",
                "versions": [
                  {
                    "status": "affected",
                    "version": "android13"
                  },
                  {
                    "status": "affected",
                    "version": "android14"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-39438",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-09T18:35:42.803689Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-09T18:52:15.994Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
              "vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android13/Android14"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In linkturbonative service, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "cwe-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-10-09T06:43:29.015Z",
            "orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
            "shortName": "Unisoc"
          },
          "references": [
            {
              "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1843898270204624897"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
        "assignerShortName": "Unisoc",
        "cveId": "CVE-2024-39438",
        "datePublished": "2024-10-09T06:43:29.015Z",
        "dateReserved": "2024-06-25T06:13:32.360Z",
        "dateUpdated": "2024-10-09T18:52:15.994Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-39437 (GCVE-0-2024-39437)

    Vulnerability from cvelistv5 – Published: 2024-10-09 06:43 – Updated: 2024-10-09 21:55
    VLAI
    Summary
    In linkturbonative service, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • cwe-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')
    Assigner
    Impacted products
    Vendor Product Version
    Unisoc (Shanghai) Technologies Co., Ltd. SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 Affected: Android13/Android14
    Create a notification for this product.
    unisoc t820 Affected: android_13
    Affected: android_14
        cpe:2.3:h:unisoc:s8000:*:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t760:*:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t770:*:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t820:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:unisoc:s8000:*:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t760:*:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t770:*:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t820:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "t820",
                "vendor": "unisoc",
                "versions": [
                  {
                    "status": "affected",
                    "version": "android_13"
                  },
                  {
                    "status": "affected",
                    "version": "android_14"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-39437",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-09T21:53:32.597384Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-09T21:55:01.418Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
              "vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android13/Android14"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In linkturbonative service, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "cwe-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-10-09T06:43:28.078Z",
            "orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
            "shortName": "Unisoc"
          },
          "references": [
            {
              "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1843898270204624897"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
        "assignerShortName": "Unisoc",
        "cveId": "CVE-2024-39437",
        "datePublished": "2024-10-09T06:43:28.078Z",
        "dateReserved": "2024-06-25T06:13:32.360Z",
        "dateUpdated": "2024-10-09T21:55:01.418Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-39436 (GCVE-0-2024-39436)

    Vulnerability from cvelistv5 – Published: 2024-10-09 06:43 – Updated: 2024-10-09 21:53
    VLAI
    Summary
    In linkturbonative service, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • cwe-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')
    Assigner
    Impacted products
    Vendor Product Version
    Unisoc (Shanghai) Technologies Co., Ltd. SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 Affected: Android13/Android14
    Create a notification for this product.
    unisoc t820 Affected: android_13
    Affected: android_14
        cpe:2.3:h:unisoc:s8000:*:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t760:*:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t770:*:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t820:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:unisoc:s8000:*:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t760:*:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t770:*:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t820:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "t820",
                "vendor": "unisoc",
                "versions": [
                  {
                    "status": "affected",
                    "version": "android_13"
                  },
                  {
                    "status": "affected",
                    "version": "android_14"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-39436",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-09T21:41:00.434575Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-09T21:53:14.786Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
              "vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android13/Android14"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In linkturbonative service, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "cwe-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-10-09T06:43:27.037Z",
            "orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
            "shortName": "Unisoc"
          },
          "references": [
            {
              "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1843898270204624897"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
        "assignerShortName": "Unisoc",
        "cveId": "CVE-2024-39436",
        "datePublished": "2024-10-09T06:43:27.037Z",
        "dateReserved": "2024-06-25T06:13:32.359Z",
        "dateUpdated": "2024-10-09T21:53:14.786Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-39435 (GCVE-0-2024-39435)

    Vulnerability from cvelistv5 – Published: 2024-09-27 07:37 – Updated: 2024-09-27 15:34
    VLAI
    Summary
    In Logmanager service, there is a possible missing verification incorrect input. This could lead to local escalation of privilege with no additional execution privileges needed.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • cwe-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')
    Assigner
    Impacted products
    Vendor Product Version
    Unisoc (Shanghai) Technologies Co., Ltd. SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 Affected: Android12/Android13/Android14
    Create a notification for this product.
    unisoc t820 Affected: android_12
    Affected: android_13
    Affected: android_14
        cpe:2.3:h:unisoc:s8000:*:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t760:*:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t770:*:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t820:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:unisoc:s8000:*:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t760:*:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t770:*:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t820:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "t820",
                "vendor": "unisoc",
                "versions": [
                  {
                    "status": "affected",
                    "version": "android_12"
                  },
                  {
                    "status": "affected",
                    "version": "android_13"
                  },
                  {
                    "status": "affected",
                    "version": "android_14"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-39435",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-27T15:22:29.003921Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-27T15:34:57.072Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
              "vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android12/Android13/Android14"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In Logmanager service, there is a possible missing verification incorrect input. This could lead to local escalation of privilege with no additional execution privileges needed."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "cwe-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-09-27T07:37:44.941Z",
            "orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
            "shortName": "Unisoc"
          },
          "references": [
            {
              "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1830802995705610241"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
        "assignerShortName": "Unisoc",
        "cveId": "CVE-2024-39435",
        "datePublished": "2024-09-27T07:37:44.941Z",
        "dateReserved": "2024-06-25T06:13:32.358Z",
        "dateUpdated": "2024-09-27T15:34:57.072Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-39432 (GCVE-0-2024-39432)

    Vulnerability from cvelistv5 – Published: 2024-09-27 07:37 – Updated: 2024-09-27 15:40
    VLAI
    Summary
    In UMTS RLC driver, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with System execution privileges needed.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • cwe-121 Stack-based Buffer Overflow
    Assigner
    Impacted products
    Vendor Product Version
    Unisoc (Shanghai) Technologies Co., Ltd. SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 Affected: Android12/Android13/Android14
    Create a notification for this product.
    unisoc t820 Affected: android_12
    Affected: android_13
    Affected: android_14
        cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t760:*:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t770:*:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t820:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t760:*:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t770:*:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t820:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "t820",
                "vendor": "unisoc",
                "versions": [
                  {
                    "status": "affected",
                    "version": "android_12"
                  },
                  {
                    "status": "affected",
                    "version": "android_13"
                  },
                  {
                    "status": "affected",
                    "version": "android_14"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-39432",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-27T15:37:32.827650Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-27T15:40:31.593Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
              "vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android12/Android13/Android14"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In UMTS RLC driver, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with System execution privileges needed."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 8.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "cwe-121 Stack-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-09-27T07:37:41.899Z",
            "orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
            "shortName": "Unisoc"
          },
          "references": [
            {
              "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1830802995705610241"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
        "assignerShortName": "Unisoc",
        "cveId": "CVE-2024-39432",
        "datePublished": "2024-09-27T07:37:41.899Z",
        "dateReserved": "2024-06-25T06:13:32.358Z",
        "dateUpdated": "2024-09-27T15:40:31.593Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-39431 (GCVE-0-2024-39431)

    Vulnerability from cvelistv5 – Published: 2024-09-27 07:37 – Updated: 2024-09-27 15:42
    VLAI
    Summary
    In UMTS RLC driver, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with System execution privileges needed.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • cwe-121 Stack-based Buffer Overflow
    Assigner
    Impacted products
    Vendor Product Version
    Unisoc (Shanghai) Technologies Co., Ltd. SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 Affected: Android12/Android13/Android14
    Create a notification for this product.
    unisoc t820 Affected: android_12
    Affected: android_13
    Affected: android_14
        cpe:2.3:h:unisoc:s8000:*:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t760:*:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t770:*:*:*:*:*:*:*:*
        cpe:2.3:h:unisoc:t820:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:unisoc:s8000:*:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t760:*:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t770:*:*:*:*:*:*:*:*",
                  "cpe:2.3:h:unisoc:t820:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "t820",
                "vendor": "unisoc",
                "versions": [
                  {
                    "status": "affected",
                    "version": "android_12"
                  },
                  {
                    "status": "affected",
                    "version": "android_13"
                  },
                  {
                    "status": "affected",
                    "version": "android_14"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-39431",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-27T15:41:03.864954Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-27T15:42:50.544Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
              "vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android12/Android13/Android14"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In UMTS RLC driver, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with System execution privileges needed."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 8.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "cwe-121 Stack-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-09-27T07:37:40.908Z",
            "orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
            "shortName": "Unisoc"
          },
          "references": [
            {
              "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1830802995705610241"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
        "assignerShortName": "Unisoc",
        "cveId": "CVE-2024-39431",
        "datePublished": "2024-09-27T07:37:40.908Z",
        "dateReserved": "2024-06-25T06:13:32.358Z",
        "dateUpdated": "2024-09-27T15:42:50.544Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-39428 (GCVE-0-2024-39428)

    Vulnerability from cvelistv5 – Published: 2024-07-01 08:40 – Updated: 2024-08-02 04:26
    VLAI
    Summary
    In trusty service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • cwe-787 Out-of-bounds Write
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-39428",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-01T20:53:20.461642Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-01T20:53:31.436Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T04:26:15.425Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1807576926177525762"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
              "vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android12/Android13/Android14"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In trusty service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "cwe-787 Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-07-01T08:40:57.909Z",
            "orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
            "shortName": "Unisoc"
          },
          "references": [
            {
              "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1807576926177525762"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
        "assignerShortName": "Unisoc",
        "cveId": "CVE-2024-39428",
        "datePublished": "2024-07-01T08:40:57.909Z",
        "dateReserved": "2024-06-25T06:13:32.357Z",
        "dateUpdated": "2024-08-02T04:26:15.425Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-39427 (GCVE-0-2024-39427)

    Vulnerability from cvelistv5 – Published: 2024-07-01 08:40 – Updated: 2024-08-02 04:26
    VLAI
    Summary
    In trusty service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • cwe-787 Out-of-bounds Write
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-39427",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-01T20:44:18.408928Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-01T20:44:25.958Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T04:26:14.285Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1807576926177525762"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
              "vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android12/Android13/Android14"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In trusty service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 5.1,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "cwe-787 Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-07-01T08:40:56.972Z",
            "orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
            "shortName": "Unisoc"
          },
          "references": [
            {
              "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1807576926177525762"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
        "assignerShortName": "Unisoc",
        "cveId": "CVE-2024-39427",
        "datePublished": "2024-07-01T08:40:56.972Z",
        "dateReserved": "2024-06-25T06:13:32.357Z",
        "dateUpdated": "2024-08-02T04:26:14.285Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-52536 (GCVE-0-2023-52536)

    Vulnerability from cvelistv5 – Published: 2024-04-08 02:21 – Updated: 2025-03-26 20:26
    VLAI
    Summary
    In faceid service, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T23:03:20.802Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777148475750809602"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "LOW",
                  "baseScore": 4.4,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "LOW",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-52536",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-22T16:45:38.933653Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-125",
                    "description": "CWE-125 Out-of-bounds Read",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-26T20:26:39.654Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
              "vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android12/Android13/Android14"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In faceid service, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed"
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-04-08T02:21:40.495Z",
            "orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
            "shortName": "Unisoc"
          },
          "references": [
            {
              "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777148475750809602"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
        "assignerShortName": "Unisoc",
        "cveId": "CVE-2023-52536",
        "datePublished": "2024-04-08T02:21:40.495Z",
        "dateReserved": "2024-02-26T05:56:52.680Z",
        "dateUpdated": "2025-03-26T20:26:39.654Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-23658 (GCVE-0-2024-23658)

    Vulnerability from cvelistv5 – Published: 2024-04-08 02:21 – Updated: 2024-10-27 13:30
    VLAI
    Summary
    In camera driver, there is a possible use after free due to a logic error. This could lead to local denial of service with System execution privileges needed
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 4.4,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "HIGH",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-23658",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-17T14:30:56.019128Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-416",
                    "description": "CWE-416 Use After Free",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-27T13:30:07.593Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T23:06:25.340Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
              "vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android12/Android13/Android14"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In camera driver, there is a possible use after free due to a logic error. This could lead to local denial of service with System execution privileges needed"
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-04-08T02:21:17.943Z",
            "orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
            "shortName": "Unisoc"
          },
          "references": [
            {
              "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
        "assignerShortName": "Unisoc",
        "cveId": "CVE-2024-23658",
        "datePublished": "2024-04-08T02:21:17.943Z",
        "dateReserved": "2024-01-19T02:58:30.137Z",
        "dateUpdated": "2024-10-27T13:30:07.593Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-52352 (GCVE-0-2023-52352)

    Vulnerability from cvelistv5 – Published: 2024-04-08 02:21 – Updated: 2025-03-28 19:11
    VLAI
    Summary
    In Network Adapter Service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges needed
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 6.2,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-52352",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-04-09T14:30:36.712418Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-862",
                    "description": "CWE-862 Missing Authorization",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-28T19:11:14.459Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T22:55:41.651Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
              "vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android13/Android14"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In Network Adapter Service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges needed"
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-04-08T02:21:17.681Z",
            "orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
            "shortName": "Unisoc"
          },
          "references": [
            {
              "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
        "assignerShortName": "Unisoc",
        "cveId": "CVE-2023-52352",
        "datePublished": "2024-04-08T02:21:17.681Z",
        "dateReserved": "2024-01-19T02:58:31.099Z",
        "dateUpdated": "2025-03-28T19:11:14.459Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-52351 (GCVE-0-2023-52351)

    Vulnerability from cvelistv5 – Published: 2024-04-08 02:21 – Updated: 2024-11-05 16:55
    VLAI
    Summary
    In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Unisoc (Shanghai) Technologies Co., Ltd. SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 Affected: Android12/Android13/Android14
    Create a notification for this product.
    unisoc sc7731e Affected: android12_android13_android14
        cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*
    Create a notification for this product.
    unisoc sc9832e Affected: android12_android13_android14
        cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*
    Create a notification for this product.
    unisoc sc9863a Affected: android12_android13_android14
        cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*
    Create a notification for this product.
    unisoc t310 Affected: android12_android13_android14
        cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*
    Create a notification for this product.
    unisoc t606 Affected: android12_android13_android14
        cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*
    Create a notification for this product.
    unisoc t612 Affected: android12_android13_android14
        cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*
    Create a notification for this product.
    unisoc t616 Affected: android12_android13_android14
        cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*
    Create a notification for this product.
    unisoc t610 Affected: android12_android13_android14
        cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*
    Create a notification for this product.
    unisoc t618 Affected: android12_android13_android14
        cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*
    Create a notification for this product.
    unisoc t760 Affected: android12_android13_android14
        cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*
    Create a notification for this product.
    unisoc t770 Affected: android12_android13_android14
        cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*
    Create a notification for this product.
    unisoc t820 Affected: android12_android13_android14
        cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*
    Create a notification for this product.
    unisoc s8000 Affected: android12_android13_android14
        cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T22:55:41.567Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sc7731e",
                "vendor": "unisoc",
                "versions": [
                  {
                    "status": "affected",
                    "version": "android12_android13_android14"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sc9832e",
                "vendor": "unisoc",
                "versions": [
                  {
                    "status": "affected",
                    "version": "android12_android13_android14"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sc9863a",
                "vendor": "unisoc",
                "versions": [
                  {
                    "status": "affected",
                    "version": "android12_android13_android14"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "t310",
                "vendor": "unisoc",
                "versions": [
                  {
                    "status": "affected",
                    "version": "android12_android13_android14"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "t606",
                "vendor": "unisoc",
                "versions": [
                  {
                    "status": "affected",
                    "version": "android12_android13_android14"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "t612",
                "vendor": "unisoc",
                "versions": [
                  {
                    "status": "affected",
                    "version": "android12_android13_android14"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "t616",
                "vendor": "unisoc",
                "versions": [
                  {
                    "status": "affected",
                    "version": "android12_android13_android14"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "t610",
                "vendor": "unisoc",
                "versions": [
                  {
                    "status": "affected",
                    "version": "android12_android13_android14"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "t618",
                "vendor": "unisoc",
                "versions": [
                  {
                    "status": "affected",
                    "version": "android12_android13_android14"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "t760",
                "vendor": "unisoc",
                "versions": [
                  {
                    "status": "affected",
                    "version": "android12_android13_android14"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "t770",
                "vendor": "unisoc",
                "versions": [
                  {
                    "status": "affected",
                    "version": "android12_android13_android14"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "t820",
                "vendor": "unisoc",
                "versions": [
                  {
                    "status": "affected",
                    "version": "android12_android13_android14"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "s8000",
                "vendor": "unisoc",
                "versions": [
                  {
                    "status": "affected",
                    "version": "android12_android13_android14"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-52351",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-01T15:02:14.304772Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-787",
                    "description": "CWE-787 Out-of-bounds Write",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-05T16:55:02.465Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
              "vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android12/Android13/Android14"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed"
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-04-08T02:21:17.415Z",
            "orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
            "shortName": "Unisoc"
          },
          "references": [
            {
              "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
        "assignerShortName": "Unisoc",
        "cveId": "CVE-2023-52351",
        "datePublished": "2024-04-08T02:21:17.415Z",
        "dateReserved": "2024-01-19T02:58:31.099Z",
        "dateUpdated": "2024-11-05T16:55:02.465Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }