Local Privilege Escalation Vulnerability in Unisoc WiFi Service
CVE-2023-42690

7.8HIGH

Key Information:

Vendor: Unisoc
Status: SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000
Vendor: CVE Published:; 4 December 2023

What is CVE-2023-42690?

A vulnerability in Unisoc's WiFi service can potentially allow for local privilege escalation due to a missing permission check. This flaw permits an attacker to exploit this oversight without requiring additional execution privileges, thereby posing a risk to system integrity.

Affected Version(s)

SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 Android11/Android12/Android13

References

https://www.unisoc.com/en_us/secy/announcementDetail/http...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 4, 2023
Vulnerability Reserved
Sep 13, 2023