Security Bulletin

Summary
  • Security CVES
  • High CVE-2022-44432,CVE-2022-44431,CVE-2022-44430,CVE-2022-44429,CVE-2022-44428,CVE-2022-44427,CVE-2022-44426,CVE-2022-44425,CVE-2022-44439,CVE-2022-44438,CVE-2022-44437,CVE-2022-44436,CVE-2022-44435,CVE-2022-44434
  • Medium CVE-2022-44446,CVE-2022-44445,CVE-2022-44444,CVE-2022-44443,CVE-2022-44442,CVE-2022-44441,CVE-2022-44440,CVE-2022-44424,CVE-2022-44423,CVE-2022-44422,CVE-2022-39088,CVE-2022-39087,CVE-2022-39086,CVE-2022-39085,CVE-2022-39118,CVE-2022-39116,CVE-2022-39084,CVE-2022-39083,CVE-2022-39082,CVE-2022-39081,CVE-2022-39104,CVE-2022-38684,CVE-2022-38683,CVE-2022-38682,CVE-2022-38678
Minutia
  • CVE ID CVE-2022-44446
  • Title Buffer over read in wlan driver
  • Description

    In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.

  • Technology Area WLAN Firmware
  • Vulnerability Type CWE-126 Buffer Over-read
  • Access Vector Local
  • CVSS Rating Medium
  • CVSS Score 6.4
  • CVSS String CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  • Affected Chipsets*

    SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000

  • Affected Software Versions

    Android10/Android11/Android12

  • CVE ID CVE-2022-44445
  • Title Buffer over read in wlan driver
  • Description

    In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.

  • Technology Area WLAN Firmware
  • Vulnerability Type CWE-126 Buffer Over-read
  • Access Vector Local
  • CVSS Rating Medium
  • CVSS Score 6.4
  • CVSS String CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  • Affected Chipsets*

    SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000

  • Affected Software Versions

    Android10/Android11/Android12

  • CVE ID CVE-2022-44444
  • Title Integer overflow in wlan driver
  • Description

    In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.

  • Technology Area WLAN Firmware
  • Vulnerability Type CWE-191 Integer Underflow
  • Access Vector Local
  • CVSS Rating Medium
  • CVSS Score 6.4
  • CVSS String CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  • Affected Chipsets*

    SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000

  • Affected Software Versions

    Android10/Android11/Android12

  • CVE ID CVE-2022-44443
  • Title Buffer over read in wlan driver
  • Description

    In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.

  • Technology Area WLAN Firmware
  • Vulnerability Type CWE-126 Buffer Over-read
  • Access Vector Local
  • CVSS Rating Medium
  • CVSS Score 6.4
  • CVSS String CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  • Affected Chipsets*

    SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000

  • Affected Software Versions

    Android10/Android11/Android12

  • CVE ID CVE-2022-44442
  • Title Out-of-bounds read in wlan driver
  • Description

    In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.

  • Technology Area WLAN Firmware
  • Vulnerability Type CWE-125 Out-of-bounds Read
  • Access Vector Local
  • CVSS Rating Medium
  • CVSS Score 6.4
  • CVSS String CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  • Affected Chipsets*

    SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000

  • Affected Software Versions

    Android10/Android11/Android12

  • CVE ID CVE-2022-44441
  • Title Out-of-bounds read in wlan driver
  • Description

    In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.

  • Technology Area WLAN Firmware
  • Vulnerability Type CWE-125 Out-of-bounds Read
  • Access Vector Local
  • CVSS Rating Medium
  • CVSS Score 6.4
  • CVSS String CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  • Affected Chipsets*

    SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000

  • Affected Software Versions

    Android10/Android11/Android12

  • CVE ID CVE-2022-44440
  • Title Out-of-bounds read in wlan driver
  • Description

    In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.

  • Technology Area WLAN Firmware
  • Vulnerability Type CWE-125 Out-of-bounds Read
  • Access Vector Local
  • CVSS Rating Medium
  • CVSS Score 6.4
  • CVSS String CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  • Affected Chipsets*

    SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000

  • Affected Software Versions

    Android10/Android11/Android12

  • CVE ID CVE-2022-44424
  • Title Denial of service in music service
  • Description

    In music service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed.

  • Technology Area Android
  • Vulnerability Type CWE-862 Missing Authorization
  • Access Vector Local
  • CVSS Rating Medium
  • CVSS Score 4
  • CVSS String CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
  • Affected Chipsets*

    SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000

  • Affected Software Versions

    Android10/Android11/Android12

  • CVE ID CVE-2022-44423
  • Title Denial of service in music service
  • Description

    In music service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed.

  • Technology Area Android
  • Vulnerability Type CWE-862 Missing Authorization
  • Access Vector Local
  • CVSS Rating Medium
  • CVSS Score 4
  • CVSS String CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
  • Affected Chipsets*

    SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000

  • Affected Software Versions

    Android10/Android11/Android12

  • CVE ID CVE-2022-44422
  • Title Denial of service in music service
  • Description

    In music service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed.

  • Technology Area Android
  • Vulnerability Type CWE-862 Missing Authorization
  • Access Vector Local
  • CVSS Rating Medium
  • CVSS Score 4
  • CVSS String CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
  • Affected Chipsets*

    SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000

  • Affected Software Versions

    Android10/Android11/Android12

  • CVE ID CVE-2022-39088
  • Title Elevation of privilege in network service
  • Description

    In network service, there is a missing permission check. This could lead to local escalation of privilege with System execution privileges needed.

  • Technology Area Android
  • Vulnerability Type CWE-77 Improper Neutralization of Special Elements used in a Com
  • Access Vector Local
  • CVSS Rating Medium
  • CVSS Score 5.3
  • CVSS String CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:L
  • Affected Chipsets*

    SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000

  • Affected Software Versions

    Android10/Android11/Android12

  • CVE ID CVE-2022-39087
  • Title Elevation of privilege in network service
  • Description

    In network service, there is a missing permission check. This could lead to local escalation of privilege with System execution privileges needed.

  • Technology Area Android
  • Vulnerability Type CWE-77 Improper Neutralization of Special Elements used in a Com
  • Access Vector Local
  • CVSS Rating Medium
  • CVSS Score 5.3
  • CVSS String CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:L
  • Affected Chipsets*

    SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000

  • Affected Software Versions

    Android10/Android11/Android12

  • CVE ID CVE-2022-39086
  • Title Elevation of privilege in network service
  • Description

    In network service, there is a missing permission check. This could lead to local escalation of privilege with System execution privileges needed.

  • Technology Area Android
  • Vulnerability Type CWE-77 Improper Neutralization of Special Elements used in a Com
  • Access Vector Local
  • CVSS Rating Medium
  • CVSS Score 5.3
  • CVSS String CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:L
  • Affected Chipsets*

    SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000

  • Affected Software Versions

    Android10/Android11/Android12

  • CVE ID CVE-2022-39085
  • Title Elevation of privilege in network service
  • Description

    In network service, there is a missing permission check. This could lead to local escalation of privilege with System execution privileges needed.

  • Technology Area Android
  • Vulnerability Type CWE-77 Improper Neutralization of Special Elements used in a Com
  • Access Vector Local
  • CVSS Rating Medium
  • CVSS Score 5.3
  • CVSS String CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:L
  • Affected Chipsets*

    SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000

  • Affected Software Versions

    Android10/Android11/Android12

  • CVE ID CVE-2022-39118
  • Title Buffer Overflow in sprd_sysdump driver
  • Description

    In sprd_sysdump driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.

  • Technology Area kernel
  • Vulnerability Type CWE-120 Buffer Overflow
  • Access Vector Local
  • CVSS Rating Medium
  • CVSS Score 6.7
  • CVSS String CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  • Affected Chipsets*

    SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000

  • Affected Software Versions

    Android10/Android11/Android12

  • CVE ID CVE-2022-39116
  • Title Stack Overflow in sysdump driver
  • Description

    In sysdump driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.

  • Technology Area kernel
  • Vulnerability Type CWE-121 Stack Overflow
  • Access Vector Local
  • CVSS Rating Medium
  • CVSS Score 6.7
  • CVSS String CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  • Affected Chipsets*

    SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000

  • Affected Software Versions

    Android10/Android11/Android12

  • CVE ID CVE-2022-39084
  • Title Elevation of privilege in network service
  • Description

    In network service, there is a missing permission check. This could lead to local escalation of privilege with System execution privileges needed.

  • Technology Area Android
  • Vulnerability Type CWE-77 Improper Neutralization of Special Elements used in a Com
  • Access Vector Local
  • CVSS Rating Medium
  • CVSS Score 6.7
  • CVSS String CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  • Affected Chipsets*

    SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000

  • Affected Software Versions

    Android10/Android11/Android12

  • CVE ID CVE-2022-39083
  • Title Elevation of privilege in network service
  • Description

    In network service, there is a missing permission check. This could lead to local escalation of privilege with System execution privileges needed.

  • Technology Area Android
  • Vulnerability Type CWE-77 Improper Neutralization of Special Elements used in a Com
  • Access Vector Local
  • CVSS Rating Medium
  • CVSS Score 6.7
  • CVSS String CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  • Affected Chipsets*

    SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000

  • Affected Software Versions

    Android10/Android11/Android12

  • CVE ID CVE-2022-39082
  • Title Elevation of privilege in network service
  • Description

    In network service, there is a missing permission check. This could lead to local escalation of privilege with System execution privileges needed.

  • Technology Area Android
  • Vulnerability Type CWE-77 Improper Neutralization of Special Elements used in a Com
  • Access Vector Local
  • CVSS Rating Medium
  • CVSS Score 6.7
  • CVSS String CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  • Affected Chipsets*

    SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000

  • Affected Software Versions

    Android10/Android11/Android12

  • CVE ID CVE-2022-39081
  • Title Elevation of privilege in messaging service
  • Description

    In network service, there is a missing permission check. This could lead to local escalation of privilege with System execution privileges needed.

  • Technology Area Android
  • Vulnerability Type CWE-77 Improper Neutralization of Special Elements used in a Com
  • Access Vector Local
  • CVSS Rating Medium
  • CVSS Score 6.7
  • CVSS String CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  • Affected Chipsets*

    SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000

  • Affected Software Versions

    Android10/Android11/Android12

  • CVE ID CVE-2022-39104
  • Title Denial of service in Contacts service
  • Description

    In contacts service, there is a missing permission check. This could lead to local denial of service in Contacts service with no additional execution privileges needed.

  • Technology Area Android
  • Vulnerability Type CWE-862 Missing Authorization
  • Access Vector Local
  • CVSS Rating Medium
  • CVSS Score 5.5
  • CVSS String CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  • Affected Chipsets*

    SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000

  • Affected Software Versions

    Android10/Android11/Android12

  • CVE ID CVE-2022-38684
  • Title Denial of service in contacts service
  • Description

    In contacts service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed.

  • Technology Area Android
  • Vulnerability Type CWE-862 Missing Authorization
  • Access Vector Local
  • CVSS Rating Medium
  • CVSS Score 5.5
  • CVSS String CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  • Affected Chipsets*

    SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000

  • Affected Software Versions

    Android10/Android11/Android12

  • CVE ID CVE-2022-38683
  • Title Denial of service in contacts service
  • Description

    In contacts service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed.

  • Technology Area Android
  • Vulnerability Type CWE-862 Missing Authorization
  • Access Vector Local
  • CVSS Rating Medium
  • CVSS Score 5.5
  • CVSS String CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  • Affected Chipsets*

    SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000

  • Affected Software Versions

    Android10/Android11/Android12

  • CVE ID CVE-2022-38682
  • Title Denial of service in contacts service
  • Description

    In contacts service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed.

  • Technology Area Android
  • Vulnerability Type CWE-862 Missing Authorization
  • Access Vector Local
  • CVSS Rating Medium
  • CVSS Score 5.5
  • CVSS String CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  • Affected Chipsets*

    SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000

  • Affected Software Versions

    Android10/Android11/Android12

  • CVE ID CVE-2022-38678
  • Title Denial of service in contacts service
  • Description

    In contacts service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed.

  • Technology Area Android
  • Vulnerability Type CWE-862 Missing Authorization
  • Access Vector Local
  • CVSS Rating Medium
  • CVSS Score 5.5
  • CVSS String CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  • Affected Chipsets*

    SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000

  • Affected Software Versions

    Android10/Android11/Android12

  • CVE ID CVE-2022-44432
  • Title Integer overflow in wlan driver
  • Description

    In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.

  • Technology Area WLAN Firmware
  • Vulnerability Type CWE-190 Integer Overflow
  • Access Vector Local
  • CVSS Rating High
  • CVSS Score 7.3
  • CVSS String CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
  • Affected Chipsets*

    SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000

  • Affected Software Versions

    Android10/Android11/Android12

  • CVE ID CVE-2022-44431
  • Title Out-of-bounds Write in wlan driver
  • Description

    In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.

  • Technology Area WLAN Firmware
  • Vulnerability Type cwe-787 Out-of-bounds Write
  • Access Vector Local
  • CVSS Rating High
  • CVSS Score 7.3
  • CVSS String CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
  • Affected Chipsets*

    SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000

  • Affected Software Versions

    Android10/Android11/Android12

  • CVE ID CVE-2022-44430
  • Title Heap overflow in wlan driver
  • Description

    In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.

  • Technology Area WLAN Firmware
  • Vulnerability Type cwe-122 Heap Overflow
  • Access Vector Local
  • CVSS Rating High
  • CVSS Score 7.3
  • CVSS String CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
  • Affected Chipsets*

    SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000

  • Affected Software Versions

    Android10/Android11/Android12

  • CVE ID CVE-2022-44429
  • Title Heap overflow in wlan driver
  • Description

    In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.

  • Technology Area WLAN Firmware
  • Vulnerability Type cwe-122 Heap Overflow
  • Access Vector Local
  • CVSS Rating High
  • CVSS Score 7.3
  • CVSS String CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
  • Affected Chipsets*

    SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000

  • Affected Software Versions

    Android10/Android11/Android12

  • CVE ID CVE-2022-44428
  • Title Heap overflow in wlan driver
  • Description

    In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.

  • Technology Area WLAN Firmware
  • Vulnerability Type cwe-122 Heap Overflow
  • Access Vector Local
  • CVSS Rating High
  • CVSS Score 7.3
  • CVSS String CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
  • Affected Chipsets*

    SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000

  • Affected Software Versions

    Android10/Android11/Android12

  • CVE ID CVE-2022-44427
  • Title Heap overflow in wlan driver
  • Description

    In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.

  • Technology Area WLAN Firmware
  • Vulnerability Type cwe-122 Heap Overflow
  • Access Vector Local
  • CVSS Rating High
  • CVSS Score 7.3
  • CVSS String CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
  • Affected Chipsets*

    SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000

  • Affected Software Versions

    Android10/Android11/Android12

  • CVE ID CVE-2022-44426
  • Title Integer overflow in wlan driver
  • Description

    In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.

  • Technology Area WLAN Firmware
  • Vulnerability Type CWE-190 Integer Overflow
  • Access Vector Local
  • CVSS Rating High
  • CVSS Score 7.3
  • CVSS String CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
  • Affected Chipsets*

    SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000

  • Affected Software Versions

    Android10/Android11/Android12

  • CVE ID CVE-2022-44425
  • Title Integer overflow in wlan driver
  • Description

    In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.

  • Technology Area WLAN Firmware
  • Vulnerability Type CWE-190 Integer Overflow
  • Access Vector Local
  • CVSS Rating High
  • CVSS Score 7.3
  • CVSS String CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
  • Affected Chipsets*

    SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000

  • Affected Software Versions

    Android10/Android11/Android12

  • CVE ID CVE-2022-44439
  • Title Elevation of privilege in messaging service
  • Description

    In messaging service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed.

  • Technology Area Android
  • Vulnerability Type CWE-862 Missing Authorization
  • Access Vector Local
  • CVSS Rating High
  • CVSS Score 7.3
  • CVSS String CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L
  • Affected Chipsets*

    SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000

  • Affected Software Versions

    Android10/Android11/Android12

  • CVE ID CVE-2022-44438
  • Title Elevation of privilege in messaging service
  • Description

    In messaging service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed.

  • Technology Area Android
  • Vulnerability Type CWE-862 Missing Authorization
  • Access Vector Local
  • CVSS Rating High
  • CVSS Score 7.3
  • CVSS String CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L
  • Affected Chipsets*

    SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000

  • Affected Software Versions

    Android10/Android11/Android12

  • CVE ID CVE-2022-44437
  • Title Elevation of privilege in messaging service
  • Description

    In messaging service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed.

  • Technology Area Android
  • Vulnerability Type CWE-862 Missing Authorization
  • Access Vector Local
  • CVSS Rating High
  • CVSS Score 7.3
  • CVSS String CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L
  • Affected Chipsets*

    SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000

  • Affected Software Versions

    Android10/Android11/Android12

  • CVE ID CVE-2022-44436
  • Title Elevation of privilege in messaging service
  • Description

    In messaging service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed.

  • Technology Area Android
  • Vulnerability Type CWE-862 Missing Authorization
  • Access Vector Local
  • CVSS Rating High
  • CVSS Score 7.3
  • CVSS String CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L
  • Affected Chipsets*

    SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000

  • Affected Software Versions

    Android10/Android11/Android12

  • CVE ID CVE-2022-44435
  • Title Elevation of privilege in messaging service
  • Description

    In messaging service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed.

  • Technology Area Android
  • Vulnerability Type CWE-862 Missing Authorization
  • Access Vector Local
  • CVSS Rating High
  • CVSS Score 7.3
  • CVSS String CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L
  • Affected Chipsets*

    SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000

  • Affected Software Versions

    Android10/Android11/Android12

  • CVE ID CVE-2022-44434
  • Title Elevation of privilege in messaging service
  • Description

    In messaging service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed.

  • Technology Area Android
  • Vulnerability Type CWE-862 Missing Authorization
  • Access Vector Local
  • CVSS Rating High
  • CVSS Score 7.3
  • CVSS String CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L
  • Affected Chipsets*

    SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000

  • Affected Software Versions

    Android10/Android11/Android12

*The list of affected chipsets may not be complete. For latest information, device OEMs can contact directly at https://unisupport.unisoc.com

Vulnerability type definition
  • Abbreviation Interpretation
  • RCE Remote Code Execution
  • EoP Elevation of Privilege
  • ID Information Disclosure
  • DoS Denial of Service
  • N/A Classification not available
Version
  • Version Date Description
  • 1.0 2023-01-03