Local Escalation of Privilege in UNISOC WiFi Service
CVE-2023-42692

7.8HIGH

Key Information:

Vendor: Unisoc
Status: SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000
Vendor: CVE Published:; 4 December 2023

What is CVE-2023-42692?

A vulnerability exists in the UNISOC WiFi Service that may allow a local user to bypass intended permission checks. This weakness could lead to unauthorized escalation of privileges without requiring additional execution permissions. It is crucial for administrators and users of the affected product to remain vigilant and apply security updates to mitigate potential risks associated with this flaw.

Affected Version(s)

SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 Android11/Android12/Android13

References

https://www.unisoc.com/en_us/secy/announcementDetail/http...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 4, 2023
Vulnerability Reserved
Sep 13, 2023

Unisoc

What is CVE-2023-42692?

Affected Version(s)

References

CVSS V3.1

Timeline