ADB Exposure Vulnerability in Allwinner H616 TV Box from Allwinner Technology
CVE-2026-58378

8.6HIGH

Key Information:

Vendor

Allwinner

Status
Vendor
CVE Published:
9 July 2026

What is CVE-2026-58378?

The Allwinner H616 TV Box TV98 has an exposed ADB (Android Debug Bridge) interface, which can be accessed over the network. This exposure allows an attacker to potentially request ADB authorization. If the user inadvertently permits this access, the attacker could achieve root-level privileges, compromising the device's security and allowing for unauthorized operations.

Affected Version(s)

H616 0

References

CVSS V4

Score:
8.6
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
Unknown

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

RelunSec
.