Missing Permission Check in sprd ssense Service by Unisoc
CVE-2024-39442

6.2MEDIUM

Key Information:

Vendor

Unisoc (shanghai) Technologies Co., Ltd.

Status
Sc7731e/sc9832e/sc9863a/t310/t606/t612/t616/t610/t618/t750/t765/t760/t770/t820/s8000/t8300/t9300
Vendor
CVE Published:
6 May 2025

Badges

👾 Exploit Exists📰 News Worthy

What is CVE-2024-39442?

The sprd ssense service by Unisoc has a vulnerability associated with a missing permission check, which may allow unauthorized local information disclosure. This issue does not require additional execution privileges, making it particularly concerning for users who might inadvertently expose sensitive information without realizing the risk. It is crucial for users and administrators to be aware of this vulnerability and take necessary precautions to secure their systems.

Affected Version(s)

SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T750/T765/T760/T770/T820/S8000/T8300/T9300 Android13/Android14/Android15

News Articles

favicon imageINCIBE

Vulnerabilities | INCIBE | INCIBE

CVE-2024-39442 Publication date: 06/05/2025 In sprd ssense service, there is a possible missing permission check. This could lead to local...

2 weeks ago

favicon imageINCIBE

Vulnerabilidades | INCIBE | INCIBE

CVE-2024-39442 Fecha de publicación: 06/05/2025 *** Pendiente de traducción *** In sprd ssense service, there is a possible...

2 weeks ago

References

https://www.unisoc.com/en_us/secy/announcementDetail/1919...

CVSS V3.1

Score:
6.2
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • 👾

    Exploit known to exist

  • 📰

    First article discovered by INCIBE

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2024-39442 : Missing Permission Check in sprd ssense Service by Unisoc