Missing Permission Check in Wifi Display Affects Unisoc Products
CVE-2024-39441

7.1HIGH

Key Information:

Vendor
Unisoc (shanghai) Technologies Co., Ltd.
Status
T310/t606/t612/t616/t610/t618/t750/t765/t760/t770/t820/s8000
Vendor
CVE Published:
26 February 2025

Summary

A potential security oversight in Unisoc's Wifi Display functionality has been identified, where a missing permission check could allow an attacker with local access to escalate privileges without any additional execution rights. This vulnerability highlights the importance of robust permission management within critical system functions, as unauthorized access could lead to further exploitation of the system's capabilities.

Affected Version(s)

T310/T606/T612/T616/T610/T618/T750/T765/T760/T770/T820/S8000 Android13/Android14/Android15

References

https://www.unisoc.com/en_us/secy/announcementDetail/1894...

CVSS V3.1

Score:
7.1
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.