Refine your search
163 vulnerabilities found for SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 by Unisoc (Shanghai) Technologies Co., Ltd.
CVE-2024-39438 (GCVE-0-2024-39438)
Vulnerability from cvelistv5
Published
2024-10-09 06:43
Modified
2024-10-09 18:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- cwe-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')
Summary
In linkturbonative service, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 |
Version: Android13/Android14 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sc7731e",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android13"
},
{
"status": "affected",
"version": "android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sc9832e",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android13"
},
{
"status": "affected",
"version": "android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sc9863a",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android13"
},
{
"status": "affected",
"version": "android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t310",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android13"
},
{
"status": "affected",
"version": "android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t606",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android13"
},
{
"status": "affected",
"version": "android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t612",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android13"
},
{
"status": "affected",
"version": "android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t616",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android13"
},
{
"status": "affected",
"version": "android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t610",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android13"
},
{
"status": "affected",
"version": "android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t618",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android13"
},
{
"status": "affected",
"version": "android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t760",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android13"
},
{
"status": "affected",
"version": "android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t770",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android13"
},
{
"status": "affected",
"version": "android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t820",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android13"
},
{
"status": "affected",
"version": "android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "s8000",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android13"
},
{
"status": "affected",
"version": "android14"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39438",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-09T18:35:42.803689Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-09T18:52:15.994Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android13/Android14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In linkturbonative service, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "cwe-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-09T06:43:29.015Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1843898270204624897"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2024-39438",
"datePublished": "2024-10-09T06:43:29.015Z",
"dateReserved": "2024-06-25T06:13:32.360Z",
"dateUpdated": "2024-10-09T18:52:15.994Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-39437 (GCVE-0-2024-39437)
Vulnerability from cvelistv5
Published
2024-10-09 06:43
Modified
2024-10-09 21:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- cwe-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')
Summary
In linkturbonative service, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 |
Version: Android13/Android14 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:unisoc:s8000:*:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t760:*:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t770:*:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t820:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "t820",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android_13"
},
{
"status": "affected",
"version": "android_14"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39437",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-09T21:53:32.597384Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-09T21:55:01.418Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android13/Android14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In linkturbonative service, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "cwe-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-09T06:43:28.078Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1843898270204624897"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2024-39437",
"datePublished": "2024-10-09T06:43:28.078Z",
"dateReserved": "2024-06-25T06:13:32.360Z",
"dateUpdated": "2024-10-09T21:55:01.418Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-39436 (GCVE-0-2024-39436)
Vulnerability from cvelistv5
Published
2024-10-09 06:43
Modified
2024-10-09 21:53
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- cwe-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')
Summary
In linkturbonative service, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 |
Version: Android13/Android14 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:unisoc:s8000:*:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t760:*:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t770:*:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t820:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "t820",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android_13"
},
{
"status": "affected",
"version": "android_14"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39436",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-09T21:41:00.434575Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-09T21:53:14.786Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android13/Android14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In linkturbonative service, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "cwe-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-09T06:43:27.037Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1843898270204624897"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2024-39436",
"datePublished": "2024-10-09T06:43:27.037Z",
"dateReserved": "2024-06-25T06:13:32.359Z",
"dateUpdated": "2024-10-09T21:53:14.786Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-39435 (GCVE-0-2024-39435)
Vulnerability from cvelistv5
Published
2024-09-27 07:37
Modified
2024-09-27 15:34
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- cwe-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')
Summary
In Logmanager service, there is a possible missing verification incorrect input. This could lead to local escalation of privilege with no additional execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 |
Version: Android12/Android13/Android14 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:unisoc:s8000:*:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t760:*:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t770:*:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t820:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "t820",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android_12"
},
{
"status": "affected",
"version": "android_13"
},
{
"status": "affected",
"version": "android_14"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39435",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-27T15:22:29.003921Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-27T15:34:57.072Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android12/Android13/Android14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Logmanager service, there is a possible missing verification incorrect input. This could lead to local escalation of privilege with no additional execution privileges needed."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "cwe-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-27T07:37:44.941Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1830802995705610241"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2024-39435",
"datePublished": "2024-09-27T07:37:44.941Z",
"dateReserved": "2024-06-25T06:13:32.358Z",
"dateUpdated": "2024-09-27T15:34:57.072Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-39432 (GCVE-0-2024-39432)
Vulnerability from cvelistv5
Published
2024-09-27 07:37
Modified
2024-09-27 15:40
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- cwe-121 Stack-based Buffer Overflow
Summary
In UMTS RLC driver, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with System execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 |
Version: Android12/Android13/Android14 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t760:*:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t770:*:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t820:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "t820",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android_12"
},
{
"status": "affected",
"version": "android_13"
},
{
"status": "affected",
"version": "android_14"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39432",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-27T15:37:32.827650Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-27T15:40:31.593Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android12/Android13/Android14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In UMTS RLC driver, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with System execution privileges needed."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "cwe-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-27T07:37:41.899Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1830802995705610241"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2024-39432",
"datePublished": "2024-09-27T07:37:41.899Z",
"dateReserved": "2024-06-25T06:13:32.358Z",
"dateUpdated": "2024-09-27T15:40:31.593Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-39431 (GCVE-0-2024-39431)
Vulnerability from cvelistv5
Published
2024-09-27 07:37
Modified
2024-09-27 15:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- cwe-121 Stack-based Buffer Overflow
Summary
In UMTS RLC driver, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with System execution privileges needed.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 |
Version: Android12/Android13/Android14 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:unisoc:s8000:*:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t760:*:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t770:*:*:*:*:*:*:*:*",
"cpe:2.3:h:unisoc:t820:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "t820",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android_12"
},
{
"status": "affected",
"version": "android_13"
},
{
"status": "affected",
"version": "android_14"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39431",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-27T15:41:03.864954Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-27T15:42:50.544Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android12/Android13/Android14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In UMTS RLC driver, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with System execution privileges needed."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "cwe-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-27T07:37:40.908Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1830802995705610241"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2024-39431",
"datePublished": "2024-09-27T07:37:40.908Z",
"dateReserved": "2024-06-25T06:13:32.358Z",
"dateUpdated": "2024-09-27T15:42:50.544Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-39428 (GCVE-0-2024-39428)
Vulnerability from cvelistv5
Published
2024-07-01 08:40
Modified
2024-08-02 04:26
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- cwe-787 Out-of-bounds Write
Summary
In trusty service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 |
Version: Android12/Android13/Android14 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39428",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-01T20:53:20.461642Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-01T20:53:31.436Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:26:15.425Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1807576926177525762"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android12/Android13/Android14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In trusty service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "cwe-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-01T08:40:57.909Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1807576926177525762"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2024-39428",
"datePublished": "2024-07-01T08:40:57.909Z",
"dateReserved": "2024-06-25T06:13:32.357Z",
"dateUpdated": "2024-08-02T04:26:15.425Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-39427 (GCVE-0-2024-39427)
Vulnerability from cvelistv5
Published
2024-07-01 08:40
Modified
2024-08-02 04:26
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- cwe-787 Out-of-bounds Write
Summary
In trusty service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 |
Version: Android12/Android13/Android14 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39427",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-01T20:44:18.408928Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-01T20:44:25.958Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:26:14.285Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1807576926177525762"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android12/Android13/Android14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In trusty service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "cwe-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-01T08:40:56.972Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1807576926177525762"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2024-39427",
"datePublished": "2024-07-01T08:40:56.972Z",
"dateReserved": "2024-06-25T06:13:32.357Z",
"dateUpdated": "2024-08-02T04:26:14.285Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-52536 (GCVE-0-2023-52536)
Vulnerability from cvelistv5
Published
2024-04-08 02:21
Modified
2025-03-26 20:26
Severity ?
VLAI Severity ?
EPSS score ?
Summary
In faceid service, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 |
Version: Android12/Android13/Android14 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:03:20.802Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777148475750809602"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-52536",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-22T16:45:38.933653Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-26T20:26:39.654Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android12/Android13/Android14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In faceid service, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2024-04-08T02:21:40.495Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777148475750809602"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-52536",
"datePublished": "2024-04-08T02:21:40.495Z",
"dateReserved": "2024-02-26T05:56:52.680Z",
"dateUpdated": "2025-03-26T20:26:39.654Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-23658 (GCVE-0-2024-23658)
Vulnerability from cvelistv5
Published
2024-04-08 02:21
Modified
2024-10-27 13:30
Severity ?
VLAI Severity ?
EPSS score ?
Summary
In camera driver, there is a possible use after free due to a logic error. This could lead to local denial of service with System execution privileges needed
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 |
Version: Android12/Android13/Android14 |
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-23658",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-17T14:30:56.019128Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-27T13:30:07.593Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:06:25.340Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android12/Android13/Android14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In camera driver, there is a possible use after free due to a logic error. This could lead to local denial of service with System execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2024-04-08T02:21:17.943Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2024-23658",
"datePublished": "2024-04-08T02:21:17.943Z",
"dateReserved": "2024-01-19T02:58:30.137Z",
"dateUpdated": "2024-10-27T13:30:07.593Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-52352 (GCVE-0-2023-52352)
Vulnerability from cvelistv5
Published
2024-04-08 02:21
Modified
2025-03-28 19:11
Severity ?
VLAI Severity ?
EPSS score ?
Summary
In Network Adapter Service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges needed
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 |
Version: Android13/Android14 |
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-52352",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-09T14:30:36.712418Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-28T19:11:14.459Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:55:41.651Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android13/Android14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Network Adapter Service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2024-04-08T02:21:17.681Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-52352",
"datePublished": "2024-04-08T02:21:17.681Z",
"dateReserved": "2024-01-19T02:58:31.099Z",
"dateUpdated": "2025-03-28T19:11:14.459Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-52351 (GCVE-0-2023-52351)
Vulnerability from cvelistv5
Published
2024-04-08 02:21
Modified
2024-11-05 16:55
Severity ?
VLAI Severity ?
EPSS score ?
Summary
In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 |
Version: Android12/Android13/Android14 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:55:41.567Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sc7731e",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android12_android13_android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sc9832e",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android12_android13_android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sc9863a",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android12_android13_android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t310",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android12_android13_android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t606",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android12_android13_android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t612",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android12_android13_android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t616",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android12_android13_android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t610",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android12_android13_android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t618",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android12_android13_android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t760",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android12_android13_android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t770",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android12_android13_android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "t820",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android12_android13_android14"
}
]
},
{
"cpes": [
"cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "s8000",
"vendor": "unisoc",
"versions": [
{
"status": "affected",
"version": "android12_android13_android14"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-52351",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-01T15:02:14.304772Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-05T16:55:02.465Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android12/Android13/Android14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2024-04-08T02:21:17.415Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-52351",
"datePublished": "2024-04-08T02:21:17.415Z",
"dateReserved": "2024-01-19T02:58:31.099Z",
"dateUpdated": "2024-11-05T16:55:02.465Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-52350 (GCVE-0-2023-52350)
Vulnerability from cvelistv5
Published
2024-04-08 02:21
Modified
2025-03-27 20:36
Severity ?
VLAI Severity ?
EPSS score ?
Summary
In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 |
Version: Android12/Android13/Android14 |
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-52350",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-08T13:03:32.020840Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-27T20:36:42.973Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:55:41.599Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android12/Android13/Android14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2024-04-08T02:21:17.148Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-52350",
"datePublished": "2024-04-08T02:21:17.148Z",
"dateReserved": "2024-01-19T02:58:31.098Z",
"dateUpdated": "2025-03-27T20:36:42.973Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-52349 (GCVE-0-2023-52349)
Vulnerability from cvelistv5
Published
2024-04-08 02:21
Modified
2025-03-28 19:15
Severity ?
VLAI Severity ?
EPSS score ?
Summary
In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 |
Version: Android12/Android13/Android14 |
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-52349",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-09T14:26:50.461773Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-28T19:15:28.412Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:55:41.501Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android12/Android13/Android14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2024-04-08T02:21:16.875Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-52349",
"datePublished": "2024-04-08T02:21:16.875Z",
"dateReserved": "2024-01-19T02:58:31.098Z",
"dateUpdated": "2025-03-28T19:15:28.412Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-52348 (GCVE-0-2023-52348)
Vulnerability from cvelistv5
Published
2024-04-08 02:21
Modified
2024-11-19 21:31
Severity ?
VLAI Severity ?
EPSS score ?
Summary
In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 |
Version: Android12/Android13/Android14 |
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-52348",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-16T19:41:10.773102Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-19T21:31:04.308Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:55:41.481Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android12/Android13/Android14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2024-04-08T02:21:16.603Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-52348",
"datePublished": "2024-04-08T02:21:16.603Z",
"dateReserved": "2024-01-19T02:58:31.098Z",
"dateUpdated": "2024-11-19T21:31:04.308Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-52347 (GCVE-0-2023-52347)
Vulnerability from cvelistv5
Published
2024-04-08 02:21
Modified
2024-11-01 14:55
Severity ?
VLAI Severity ?
EPSS score ?
Summary
In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 |
Version: Android12/Android13/Android14 |
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-52347",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-09T14:24:55.345349Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-01T14:55:33.683Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:55:41.609Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android12/Android13/Android14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2024-04-08T02:21:16.328Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-52347",
"datePublished": "2024-04-08T02:21:16.328Z",
"dateReserved": "2024-01-19T02:58:31.098Z",
"dateUpdated": "2024-11-01T14:55:33.683Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-52346 (GCVE-0-2023-52346)
Vulnerability from cvelistv5
Published
2024-04-08 02:21
Modified
2024-11-04 17:31
Severity ?
VLAI Severity ?
EPSS score ?
Summary
In modem driver, there is a possible system crash due to improper input validation. This could lead to local information disclosure with System execution privileges needed
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 |
Version: Android12/Android13/Android14 |
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-52346",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-08T16:05:36.855182Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-04T17:31:44.800Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:55:41.562Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android12/Android13/Android14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In modem driver, there is a possible system crash due to improper input validation. This could lead to local information disclosure with System execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2024-04-08T02:21:16.048Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-52346",
"datePublished": "2024-04-08T02:21:16.048Z",
"dateReserved": "2024-01-19T02:58:31.098Z",
"dateUpdated": "2024-11-04T17:31:44.800Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-52345 (GCVE-0-2023-52345)
Vulnerability from cvelistv5
Published
2024-04-08 02:21
Modified
2024-12-03 16:58
Severity ?
VLAI Severity ?
EPSS score ?
Summary
In modem driver, there is a possible system crash due to improper input validation. This could lead to local information disclosure with System execution privileges needed
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 |
Version: Android12/Android13/Android14 |
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-52345",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-31T18:11:54.730765Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-922",
"description": "CWE-922 Insecure Storage of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-03T16:58:54.933Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:55:41.688Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android12/Android13/Android14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In modem driver, there is a possible system crash due to improper input validation. This could lead to local information disclosure with System execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2024-04-08T02:21:15.765Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-52345",
"datePublished": "2024-04-08T02:21:15.765Z",
"dateReserved": "2024-01-19T02:58:31.098Z",
"dateUpdated": "2024-12-03T16:58:54.933Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-48359 (GCVE-0-2023-48359)
Vulnerability from cvelistv5
Published
2024-01-18 02:44
Modified
2025-06-20 18:12
Severity ?
VLAI Severity ?
EPSS score ?
Summary
In autotest driver, there is a possible out of bounds write due to improper input validation. This could lead to local denial of service with System execution privileges needed
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 |
Version: Android11/Android12/Android13 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:30:33.831Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-48359",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-18T14:09:21.684844Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-20T18:12:40.890Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In autotest driver, there is a possible out of bounds write due to improper input validation. This could lead to local denial of service with System execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2024-01-18T02:44:54.312Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-48359",
"datePublished": "2024-01-18T02:44:54.312Z",
"dateReserved": "2023-11-15T08:11:00.392Z",
"dateUpdated": "2025-06-20T18:12:40.890Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-48358 (GCVE-0-2023-48358)
Vulnerability from cvelistv5
Published
2024-01-18 02:44
Modified
2025-06-20 18:11
Severity ?
VLAI Severity ?
EPSS score ?
Summary
In drm driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 |
Version: Android11/Android12/Android13 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:30:34.589Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-48358",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-18T14:09:21.684844Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-20T18:11:58.847Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In drm driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2024-01-18T02:44:54.074Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-48358",
"datePublished": "2024-01-18T02:44:54.074Z",
"dateReserved": "2023-11-15T08:11:00.392Z",
"dateUpdated": "2025-06-20T18:11:58.847Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-48357 (GCVE-0-2023-48357)
Vulnerability from cvelistv5
Published
2024-01-18 02:44
Modified
2025-06-20 18:11
Severity ?
VLAI Severity ?
EPSS score ?
Summary
In vsp driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 |
Version: Android11/Android12/Android13 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:30:34.464Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-48357",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-18T14:09:21.684844Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-20T18:11:19.541Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In vsp driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2024-01-18T02:44:53.807Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-48357",
"datePublished": "2024-01-18T02:44:53.807Z",
"dateReserved": "2023-11-15T08:11:00.391Z",
"dateUpdated": "2025-06-20T18:11:19.541Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-48356 (GCVE-0-2023-48356)
Vulnerability from cvelistv5
Published
2024-01-18 02:44
Modified
2025-06-20 18:10
Severity ?
VLAI Severity ?
EPSS score ?
Summary
In jpg driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 |
Version: Android11/Android12/Android13 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:30:34.523Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-48356",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-18T14:09:21.684844Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-20T18:10:34.797Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In jpg driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2024-01-18T02:44:53.563Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-48356",
"datePublished": "2024-01-18T02:44:53.563Z",
"dateReserved": "2023-11-15T08:11:00.391Z",
"dateUpdated": "2025-06-20T18:10:34.797Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-48355 (GCVE-0-2023-48355)
Vulnerability from cvelistv5
Published
2024-01-18 02:44
Modified
2025-06-20 18:09
Severity ?
VLAI Severity ?
EPSS score ?
Summary
In jpg driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 |
Version: Android11/Android12/Android13 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:30:33.850Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-48355",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-18T14:09:21.684844Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-20T18:09:53.924Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In jpg driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2024-01-18T02:44:53.324Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-48355",
"datePublished": "2024-01-18T02:44:53.324Z",
"dateReserved": "2023-11-15T08:11:00.391Z",
"dateUpdated": "2025-06-20T18:09:53.924Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-48354 (GCVE-0-2023-48354)
Vulnerability from cvelistv5
Published
2024-01-18 02:44
Modified
2025-06-20 18:09
Severity ?
VLAI Severity ?
EPSS score ?
Summary
In telephone service, there is a possible improper input validation. This could lead to local information disclosure with no additional execution privileges needed
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 |
Version: Android11/Android12/Android13 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:30:33.794Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-48354",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-18T14:14:12.403192Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-20T18:09:11.813Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In telephone service, there is a possible improper input validation. This could lead to local information disclosure with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2024-01-18T02:44:53.084Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-48354",
"datePublished": "2024-01-18T02:44:53.084Z",
"dateReserved": "2023-11-15T08:11:00.391Z",
"dateUpdated": "2025-06-20T18:09:11.813Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-48353 (GCVE-0-2023-48353)
Vulnerability from cvelistv5
Published
2024-01-18 02:44
Modified
2025-06-20 18:08
Severity ?
VLAI Severity ?
EPSS score ?
Summary
In vsp driver, there is a possible use after free due to a logic error. This could lead to local denial of service with System execution privileges needed
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 |
Version: Android11/Android12/Android13 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:30:33.866Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-48353",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-18T14:14:12.403192Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-20T18:08:20.629Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In vsp driver, there is a possible use after free due to a logic error. This could lead to local denial of service with System execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2024-01-18T02:44:52.799Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-48353",
"datePublished": "2024-01-18T02:44:52.799Z",
"dateReserved": "2023-11-15T08:11:00.391Z",
"dateUpdated": "2025-06-20T18:08:20.629Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-48352 (GCVE-0-2023-48352)
Vulnerability from cvelistv5
Published
2024-01-18 02:44
Modified
2025-06-20 18:06
Severity ?
VLAI Severity ?
EPSS score ?
Summary
In phasecheckserver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 |
Version: Android11/Android12/Android13 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:30:34.479Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-48352",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-18T14:14:12.403192Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-20T18:06:20.132Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12/Android13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In phasecheckserver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2024-01-18T02:44:52.558Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-48352",
"datePublished": "2024-01-18T02:44:52.558Z",
"dateReserved": "2023-11-15T08:11:00.391Z",
"dateUpdated": "2025-06-20T18:06:20.132Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-48351 (GCVE-0-2023-48351)
Vulnerability from cvelistv5
Published
2024-01-18 02:44
Modified
2025-06-20 18:05
Severity ?
VLAI Severity ?
EPSS score ?
Summary
In video decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 |
Version: Android11/Android12 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:30:33.818Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-48351",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-18T14:14:12.403192Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-20T18:05:39.693Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In video decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2024-01-18T02:44:52.310Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-48351",
"datePublished": "2024-01-18T02:44:52.310Z",
"dateReserved": "2023-11-15T08:11:00.391Z",
"dateUpdated": "2025-06-20T18:05:39.693Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-48350 (GCVE-0-2023-48350)
Vulnerability from cvelistv5
Published
2024-01-18 02:44
Modified
2025-06-20 18:04
Severity ?
VLAI Severity ?
EPSS score ?
Summary
In video decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 |
Version: Android11/Android12 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:30:33.786Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-48350",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-18T14:14:12.403192Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-20T18:04:57.878Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In video decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2024-01-18T02:44:52.068Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-48350",
"datePublished": "2024-01-18T02:44:52.068Z",
"dateReserved": "2023-11-15T08:11:00.391Z",
"dateUpdated": "2025-06-20T18:04:57.878Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-48349 (GCVE-0-2023-48349)
Vulnerability from cvelistv5
Published
2024-01-18 02:44
Modified
2025-06-20 18:04
Severity ?
VLAI Severity ?
EPSS score ?
Summary
In video decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 |
Version: Android11/Android12 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:30:34.435Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-48349",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-18T14:14:12.403192Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-20T18:04:14.721Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In video decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2024-01-18T02:44:51.800Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-48349",
"datePublished": "2024-01-18T02:44:51.800Z",
"dateReserved": "2023-11-15T08:11:00.391Z",
"dateUpdated": "2025-06-20T18:04:14.721Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-48348 (GCVE-0-2023-48348)
Vulnerability from cvelistv5
Published
2024-01-18 02:44
Modified
2025-06-20 18:03
Severity ?
VLAI Severity ?
EPSS score ?
Summary
In video decoder, there is a possible out of bounds write due to improper input validation. This could lead to local denial of service with no additional execution privileges needed
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unisoc (Shanghai) Technologies Co., Ltd. | SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 |
Version: Android11/Android12 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:30:33.832Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-48348",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-18T14:14:12.403192Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-20T18:03:30.698Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
"vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "Android11/Android12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In video decoder, there is a possible out of bounds write due to improper input validation. This could lead to local denial of service with no additional execution privileges needed"
}
],
"providerMetadata": {
"dateUpdated": "2024-01-18T02:44:51.548Z",
"orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"shortName": "Unisoc"
},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
"assignerShortName": "Unisoc",
"cveId": "CVE-2023-48348",
"datePublished": "2024-01-18T02:44:51.548Z",
"dateReserved": "2023-11-15T08:11:00.390Z",
"dateUpdated": "2025-06-20T18:03:30.698Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}