Firewall Service Vulnerability in Unisoc Product
CVE-2022-47361

7.8HIGH

Key Information:

Vendor

Unisoc (shanghai) Technologies Co., Ltd.

Status
Sc9863a/sc9832e/sc7731e/t610/t310/t606/t760/t610/t618/t606/t612/t616/t760/t770/t820/s8000
Vendor
CVE Published:
12 February 2023

What is CVE-2022-47361?

The firewall service in Unisoc products contains a flaw where an essential permission check is absent. This vulnerability could allow an attacker with local access to escalate their privileges, potentially enabling them to execute commands with elevated system permissions. Immediate action is advised for users of the affected services to mitigate risks associated with this security issue.

Affected Version(s)

SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 Android10/Android11/Android12

References

https://www.unisoc.com/en_us/secy/announcementDetail/1621...

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.