Security Bulletin
- Security CVES
- Medium CVE-2023-33916,CVE-2023-33917,CVE-2023-33918,CVE-2023-38436,CVE-2023-38437,CVE-2023-38438,CVE-2023-38439,CVE-2023-38440,CVE-2023-38441,CVE-2023-38442,CVE-2023-38443,CVE-2023-38444,CVE-2023-38445,CVE-2023-38446,CVE-2023-38447,CVE-2023-38448,CVE-2023-38449,CVE-2023-38450,CVE-2023-38451,CVE-2023-38452,CVE-2023-38453,CVE-2023-38454,CVE-2023-38455,CVE-2023-38456,CVE-2023-38457,CVE-2023-38458,CVE-2023-38459,CVE-2023-38460,CVE-2023-38461,CVE-2023-38462,CVE-2023-38463,CVE-2023-38464,CVE-2023-38465,CVE-2023-38466,CVE-2023-38467,CVE-2023-38468,CVE-2023-38553,CVE-2023-38554,CVE-2022-47352,CVE-2022-47353,CVE-2022-48452,CVE-2022-48453,CVE-2023-33914,CVE-2023-33915
- CVE ID CVE-2023-33916
- Title Exposure of Sensitive Information to an Unauthorized Actor,in vowifiservice
- Description
In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges
- Technology Area Android
- Vulnerability Type CWE-200Exposureof Sensitive Information to anUnauthorizedActor
- Access Vector Local
- CVSS Rating Medium
- CVSS Score 4
- CVSS String CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
- Affected Chipsets*
SC7731E/SC9832E/SC9863A/T606/T612/T616/T610/T618
- Affected Software Versions
Android11
- CVE ID CVE-2023-33917
- Title Exposure of Sensitive Information to an Unauthorized Actor,in vowifiservice
- Description
In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges
- Technology Area Android
- Vulnerability Type CWE-200Exposureof Sensitive Information to anUnauthorizedActor
- Access Vector Local
- CVSS Rating Medium
- CVSS Score 4
- CVSS String CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
- Affected Chipsets*
SC7731E/SC9832E/SC9863A/T606/T612/T616/T610/T618
- Affected Software Versions
Android11
- CVE ID CVE-2023-33918
- Title Exposure of Sensitive Information to an Unauthorized Actor,in vowifiservice
- Description
In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges
- Technology Area Android
- Vulnerability Type CWE-200Exposureof Sensitive Information to anUnauthorizedActor
- Access Vector Local
- CVSS Rating Medium
- CVSS Score 4
- CVSS String CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
- Affected Chipsets*
SC7731E/SC9832E/SC9863A/T606/T612/T616/T610/T618
- Affected Software Versions
Android11
- CVE ID CVE-2023-38436
- Title Exposure of Sensitive Information to an Unauthorized Actor,in vowifiservice
- Description
In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges
- Technology Area Android
- Vulnerability Type CWE-200Exposureof Sensitive Information to anUnauthorizedActor
- Access Vector Local
- CVSS Rating Medium
- CVSS Score 4
- CVSS String CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
- Affected Chipsets*
SC7731E/SC9832E/SC9863A/T606/T612/T616/T610/T618
- Affected Software Versions
Android11
- CVE ID CVE-2023-38437
- Title Exposure of Sensitive Information to an Unauthorized Actor,in vowifiservice
- Description
In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges
- Technology Area Android
- Vulnerability Type CWE-200Exposureof Sensitive Information to anUnauthorizedActor
- Access Vector Local
- CVSS Rating Medium
- CVSS Score 4
- CVSS String CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
- Affected Chipsets*
SC7731E/SC9832E/SC9863A/T606/T612/T616/T610/T618
- Affected Software Versions
Android11
- CVE ID CVE-2023-38438
- Title Exposure of Sensitive Information to an Unauthorized Actor,in vowifiservice
- Description
In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges
- Technology Area Android
- Vulnerability Type CWE-200Exposureof Sensitive Information to anUnauthorizedActor
- Access Vector Local
- CVSS Rating Medium
- CVSS Score 4
- CVSS String CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
- Affected Chipsets*
SC7731E/SC9832E/SC9863A/T606/T612/T616/T610/T618
- Affected Software Versions
Android11
- CVE ID CVE-2023-38439
- Title Exposure of Sensitive Information to an Unauthorized Actor,in vowifiservice
- Description
In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges
- Technology Area Android
- Vulnerability Type CWE-200Exposureof Sensitive Information to anUnauthorizedActor
- Access Vector Local
- CVSS Rating Medium
- CVSS Score 4
- CVSS String CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
- Affected Chipsets*
SC9832E/SC9863A/T606/T612/T616/T610/T618
- Affected Software Versions
Android11
- CVE ID CVE-2023-38440
- Title Exposure of Sensitive Information to an Unauthorized Actor,in vowifiservice
- Description
In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges
- Technology Area Android
- Vulnerability Type CWE-200Exposureof Sensitive Information to anUnauthorizedActor
- Access Vector Local
- CVSS Rating Medium
- CVSS Score 4
- CVSS String CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
- Affected Chipsets*
SC7731E/SC9832E/SC9863A/T606/T612/T616/T610/T618
- Affected Software Versions
Android11
- CVE ID CVE-2023-38441
- Title Exposure of Sensitive Information to an Unauthorized Actor,in vowifiservice
- Description
In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges
- Technology Area Android
- Vulnerability Type CWE-200Exposureof Sensitive Information to anUnauthorizedActor
- Access Vector Local
- CVSS Rating Medium
- CVSS Score 4
- CVSS String CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
- Affected Chipsets*
SC7731E/SC9832E/SC9863A/T606/T612/T616/T610/T618
- Affected Software Versions
Android11
- CVE ID CVE-2023-38442
- Title Exposure of Sensitive Information to an Unauthorized Actor,in vowifiservice
- Description
In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges
- Technology Area Android
- Vulnerability Type CWE-200Exposureof Sensitive Information to anUnauthorizedActor
- Access Vector Local
- CVSS Rating Medium
- CVSS Score 4
- CVSS String CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
- Affected Chipsets*
SC7731E/SC9832E/SC9863A/T606/T612/T616/T610/T618
- Affected Software Versions
Android11
- CVE ID CVE-2023-38443
- Title Exposure of Sensitive Information to an Unauthorized Actor,in vowifiservice
- Description
In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges
- Technology Area Android
- Vulnerability Type CWE-200Exposureof Sensitive Information to anUnauthorizedActor
- Access Vector Local
- CVSS Rating Medium
- CVSS Score 4
- CVSS String CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
- Affected Chipsets*
SC7731E/SC9832E/SC9863A/T606/T612/T616/T610/T618
- Affected Software Versions
Android11
- CVE ID CVE-2023-38444
- Title Exposure of Sensitive Information to an Unauthorized Actor,in vowifiservice
- Description
In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges
- Technology Area Android
- Vulnerability Type CWE-200Exposureof Sensitive Information to anUnauthorizedActor
- Access Vector Local
- CVSS Rating Medium
- CVSS Score 4
- CVSS String CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
- Affected Chipsets*
SC7731E/SC9832E/SC9863A/T606/T612/T616/T610/T618
- Affected Software Versions
Android11
- CVE ID CVE-2023-38445
- Title Exposure of Sensitive Information to an Unauthorized Actor,in vowifiservice
- Description
In vowifiservice, there is a possible missing permission check.This could lead to local denial of service with no additional execution privileges
- Technology Area Android
- Vulnerability Type CWE-200Exposureof Sensitive Information to anUnauthorizedActor
- Access Vector Local
- CVSS Rating Medium
- CVSS Score 4
- CVSS String CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
- Affected Chipsets*
SC7731E/SC9832E/SC9863A/T606/T612/T616/T610/T618
- Affected Software Versions
Android11
- CVE ID CVE-2023-38446
- Title Exposure of Sensitive Information to an Unauthorized Actor,in vowifiservice
- Description
In vowifiservice, there is a possible missing permission check.This could lead to local denial of service with no additional execution privileges
- Technology Area Android
- Vulnerability Type CWE-200Exposureof Sensitive Information to anUnauthorizedActor
- Access Vector Local
- CVSS Rating Medium
- CVSS Score 4
- CVSS String CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
- Affected Chipsets*
SC7731E/SC9832E/SC9863A/T606/T612/T616/T610/T618
- Affected Software Versions
Android11
- CVE ID CVE-2023-38447
- Title Exposure of Sensitive Information to an Unauthorized Actor,in vowifiservice
- Description
In vowifiservice, there is a possible missing permission check.This could lead to local denial of service with no additional execution privileges
- Technology Area Android
- Vulnerability Type CWE-200Exposureof Sensitive Information to anUnauthorizedActor
- Access Vector Local
- CVSS Rating Medium
- CVSS Score 4
- CVSS String CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
- Affected Chipsets*
SC7731E/SC9832E/SC9863A/T606/T612/T616/T610/T618
- Affected Software Versions
Android11
- CVE ID CVE-2023-38448
- Title Exposure of Sensitive Information to an Unauthorized Actor,in vowifiservice
- Description
In vowifiservice, there is a possible missing permission check.This could lead to local denial of service with no additional execution privileges
- Technology Area Android
- Vulnerability Type CWE-200Exposureof Sensitive Information to anUnauthorizedActor
- Access Vector Local
- CVSS Rating Medium
- CVSS Score 4
- CVSS String CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
- Affected Chipsets*
SC7731E/SC9832E/SC9863A/T606/T612/T616/T610/T618
- Affected Software Versions
Android11
- CVE ID CVE-2023-38449
- Title Exposure of Sensitive Information to an Unauthorized Actor,in vowifiservice
- Description
In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges
- Technology Area Android
- Vulnerability Type CWE-200Exposureof Sensitive Information to anUnauthorizedActor
- Access Vector Local
- CVSS Rating Medium
- CVSS Score 4
- CVSS String CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
- Affected Chipsets*
SC7731E/SC9832E/SC9863A/T606/T612/T616/T610/T618
- Affected Software Versions
Android11
- CVE ID CVE-2023-38450
- Title Exposure of Sensitive Information to an Unauthorized Actor,in vowifiservice
- Description
In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges
- Technology Area Android
- Vulnerability Type CWE-200Exposureof Sensitive Information to anUnauthorizedActor
- Access Vector Local
- CVSS Rating Medium
- CVSS Score 4
- CVSS String CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
- Affected Chipsets*
SC9832E/SC9863A/T606/T612/T616/T610/T618
- Affected Software Versions
Android11
- CVE ID CVE-2023-38451
- Title Exposure of Sensitive Information to an Unauthorized Actor,in vowifiservice
- Description
In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges
- Technology Area Android
- Vulnerability Type CWE-200Exposureof Sensitive Information to anUnauthorizedActor
- Access Vector Local
- CVSS Rating Medium
- CVSS Score 4
- CVSS String CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
- Affected Chipsets*
SC7731E/SC9832E/SC9863A/T606/T612/T616/T610/T618
- Affected Software Versions
Android11
- CVE ID CVE-2023-38452
- Title Exposure of Sensitive Information to an Unauthorized Actor,in vowifiservice
- Description
In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges
- Technology Area Android
- Vulnerability Type CWE-200Exposureof Sensitive Information to anUnauthorizedActor
- Access Vector Local
- CVSS Rating Medium
- CVSS Score 4
- CVSS String CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
- Affected Chipsets*
SC7731E/SC9832E/SC9863A/T606/T612/T616/T610/T618
- Affected Software Versions
Android11
- CVE ID CVE-2023-38453
- Title Exposure of Sensitive Information to an Unauthorized Actor,in vowifi service
- Description
In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges
- Technology Area Android
- Vulnerability Type CWE-200Exposureof Sensitive Information to anUnauthorizedActor
- Access Vector Local
- CVSS Rating Medium
- CVSS Score 4
- CVSS String CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
- Affected Chipsets*
SC7731E/SC9832E/SC9863A/T606/T612/T616/T610/T618
- Affected Software Versions
Android11
- CVE ID CVE-2023-38454
- Title Exposure of Sensitive Information to an Unauthorized Actor,in vowifi service
- Description
In vowifi service, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges
- Technology Area Android
- Vulnerability Type CWE-200Exposureof Sensitive Information to anUnauthorizedActor
- Access Vector Local
- CVSS Rating Medium
- CVSS Score 4
- CVSS String CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
- Affected Chipsets*
SC7731E/SC9832E/SC9863A/T606/T612/T616/T610/T618
- Affected Software Versions
Android11
- CVE ID CVE-2023-38455
- Title Exposure of Sensitive Information to an Unauthorized Actor,in vowifiservice
- Description
In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges
- Technology Area Android
- Vulnerability Type CWE-200Exposureof Sensitive Information to anUnauthorizedActor
- Access Vector Local
- CVSS Rating Medium
- CVSS Score 4
- CVSS String CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
- Affected Chipsets*
SC7731E/SC9832E/SC9863A/T606/T612/T616/T610/T618
- Affected Software Versions
Android11
- CVE ID CVE-2023-38456
- Title Exposure of Sensitive Information to an Unauthorized Actor,in vowifiservice
- Description
In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges
- Technology Area Android
- Vulnerability Type CWE-200Exposureof Sensitive Information to anUnauthorizedActor
- Access Vector Local
- CVSS Rating Medium
- CVSS Score 4
- CVSS String CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
- Affected Chipsets*
SC7731E/SC9832E/SC9863A/T606/T612/T616/T610/T618
- Affected Software Versions
Android11
- CVE ID CVE-2023-38457
- Title Exposure of Sensitive Information to an Unauthorized Actor,in vowifiservice
- Description
In vowifiservice, there is a possible missing permission check.This could lead to local denial of service with no additional execution privileges
- Technology Area Android
- Vulnerability Type CWE-200Exposureof Sensitive Information to anUnauthorizedActor
- Access Vector Local
- CVSS Rating Medium
- CVSS Score 4
- CVSS String CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
- Affected Chipsets*
SC7731E/SC9832E/SC9863A/T606/T612/T616/T610/T618
- Affected Software Versions
Android11
- CVE ID CVE-2023-38458
- Title Exposure of Sensitive Information to an Unauthorized Actor,in vowifiservice
- Description
In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges
- Technology Area Android
- Vulnerability Type CWE-200Exposureof Sensitive Information to anUnauthorizedActor
- Access Vector Local
- CVSS Rating Medium
- CVSS Score 4
- CVSS String CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
- Affected Chipsets*
SC7731E/SC9832E/SC9863A/T606/T612/T616/T610/T618
- Affected Software Versions
Android11
- CVE ID CVE-2023-38459
- Title Exposure of Sensitive Information to an Unauthorized Actor,in vowifiservice
- Description
In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges
- Technology Area Android
- Vulnerability Type CWE-200Exposureof Sensitive Information to anUnauthorizedActor
- Access Vector Local
- CVSS Rating Medium
- CVSS Score 4
- CVSS String CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
- Affected Chipsets*
SC7731E/SC9832E/SC9863A/T606/T612/T616/T610/T618
- Affected Software Versions
Android11
- CVE ID CVE-2023-38460
- Title Exposure of Sensitive Information to an Unauthorized Actor,in vowifiservice
- Description
In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges
- Technology Area Android
- Vulnerability Type CWE-200Exposureof Sensitive Information to anUnauthorizedActor
- Access Vector Local
- CVSS Rating Medium
- CVSS Score 4
- CVSS String CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
- Affected Chipsets*
SC7731E/SC9832E/SC9863A/T606/T612/T616/T610/T618
- Affected Software Versions
Android11
- CVE ID CVE-2023-38461
- Title Exposure of Sensitive Information to an Unauthorized Actor,in vowifiservice
- Description
In vowifiservice, there is a possible missing permission check.This could lead to local denial of service with no additional execution privileges
- Technology Area Android
- Vulnerability Type CWE-200Exposureof Sensitive Information to anUnauthorizedActor
- Access Vector Local
- CVSS Rating Medium
- CVSS Score 4
- CVSS String CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
- Affected Chipsets*
SC7731E/SC9832E/SC9863A/T606/T612/T616/T610/T618
- Affected Software Versions
Android11
- CVE ID CVE-2023-38462
- Title Exposure of Sensitive Information to an Unauthorized Actor,in vowifiservice
- Description
In vowifiservice, there is a possible missing permission check.This could lead to local denial of service with no additional execution privileges
- Technology Area Android
- Vulnerability Type CWE-200Exposureof Sensitive Information to anUnauthorizedActor
- Access Vector Local
- CVSS Rating Medium
- CVSS Score 4
- CVSS String CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
- Affected Chipsets*
SC7731E/SC9832E/SC9863A/T606/T612/T616/T610/T618
- Affected Software Versions
Android11
- CVE ID CVE-2023-38463
- Title Exposure of Sensitive Information to an Unauthorized Actor,in vowifiservice
- Description
In vowifiservice, there is a possible missing permission check.This could lead to local denial of service with no additional execution privileges
- Technology Area Android
- Vulnerability Type CWE-200Exposureof Sensitive Information to anUnauthorizedActor
- Access Vector Local
- CVSS Rating Medium
- CVSS Score 4
- CVSS String CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
- Affected Chipsets*
SC7731E/SC9832E/SC9863A/T606/T612/T616/T610/T618
- Affected Software Versions
Android11
- CVE ID CVE-2023-38464
- Title Exposure of Sensitive Information to an Unauthorized Actor,in vowifiservice
- Description
In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges
- Technology Area Android
- Vulnerability Type CWE-200Exposureof Sensitive Information to anUnauthorizedActor
- Access Vector Local
- CVSS Rating Medium
- CVSS Score 4
- CVSS String CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
- Affected Chipsets*
SC7731E/SC9832E/SC9863A/T606/T612/T616/T610/T618
- Affected Software Versions
Android11
- CVE ID CVE-2023-38465
- Title Missing Authorization,in ims service
- Description
In ims service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges
- Technology Area Android
- Vulnerability Type cwe-862 Missing Authorization
- Access Vector Local
- CVSS Rating Medium
- CVSS Score 4.2
- CVSS String CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N
- Affected Chipsets*
SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000
- Affected Software Versions
Android11/Android12
- CVE ID CVE-2023-38466
- Title Missing Authorization,in ims service
- Description
In ims service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges
- Technology Area Android
- Vulnerability Type cwe-862 Missing Authorization
- Access Vector Local
- CVSS Rating Medium
- CVSS Score 4.2
- CVSS String CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N
- Affected Chipsets*
SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000
- Affected Software Versions
Android11/Android12
- CVE ID CVE-2023-38467
- Title Out-of-bounds Write,in urild service
- Description
In urild service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
- Technology Area Android
- Vulnerability Type cwe-787 Out-of-bounds Write
- Access Vector Local
- CVSS Rating Medium
- CVSS Score 6.7
- CVSS String CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
- Affected Chipsets*
SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000
- Affected Software Versions
Android11/Android12/Android13
- CVE ID CVE-2023-38468
- Title Out-of-bounds Write,in urild service
- Description
In urild service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
- Technology Area Android
- Vulnerability Type cwe-787 Out-of-bounds Write
- Access Vector Local
- CVSS Rating Medium
- CVSS Score 6.7
- CVSS String CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
- Affected Chipsets*
SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000
- Affected Software Versions
Android11/Android12/Android13
- CVE ID CVE-2023-38553
- Title Out-of-bounds Write,in gnss service
- Description
In gnss service, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed
- Technology Area WCN
- Vulnerability Type cwe-787 Out-of-bounds Write
- Access Vector Local
- CVSS Rating Medium
- CVSS Score 5.3
- CVSS String CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
- Affected Chipsets*
SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000
- Affected Software Versions
Android11
- CVE ID CVE-2023-38554
- Title Out-of-bounds Write,in wcn bsp driver
- Description
In wcn bsp driver, there is a possible out of bounds write due to a missing bounds check.This could lead to local denial of service with no additional execution privileges
- Technology Area WCN
- Vulnerability Type cwe-787 Out-of-bounds Write
- Access Vector local
- CVSS Rating Medium
- CVSS Score 4.4
- CVSS String CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
- Affected Chipsets*
SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000
- Affected Software Versions
Android11/Android12/Android13
- CVE ID CVE-2022-47352
- Title Out-of-bounds Read,in camera driver
- Description
In camera driver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
- Technology Area Kernel
- Vulnerability Type cwe-125 Out-of-bounds Read
- Access Vector Local
- CVSS Rating Medium
- CVSS Score 4.4
- CVSS String CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
- Affected Chipsets*
T610/T618
- Affected Software Versions
Android11/Android12/Android13
- CVE ID CVE-2022-47353
- Title Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition'),in vdsp device
- Description
In vdsp device, there is a possible system crash due to improper input validation.This could lead to local denial of service with System execution privileges needed
- Technology Area Kernel
- Vulnerability Type cwe-362 Concurrent Execution using Shared Resource
- Access Vector Local
- CVSS Rating Medium
- CVSS Score 5.6
- CVSS String CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H
- Affected Chipsets*
T610/T618/T760/T770/T820/S8000
- Affected Software Versions
Android11
- CVE ID CVE-2022-48452
- Title Missing Authorization,in Ifaa service
- Description
In Ifaa service, there is a possible missing permission check. This could lead to local denial of service with System execution privileges needed
- Technology Area Android
- Vulnerability Type cwe-862 Missing Authorization
- Access Vector Local
- CVSS Rating Medium
- CVSS Score 5.1
- CVSS String CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
- Affected Chipsets*
SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000
- Affected Software Versions
Android11/Android12/Android13
- CVE ID CVE-2022-48453
- Title Out-of-bounds Write,in camera driver
- Description
In camera driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
- Technology Area Kernel
- Vulnerability Type cwe-787 Out-of-bounds Write
- Access Vector Local
- CVSS Rating Medium
- CVSS Score 4.4
- CVSS String CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
- Affected Chipsets*
SC7731E
- Affected Software Versions
Android11/Android12/Android13
- CVE ID CVE-2023-33914
- Title Improper Handling of Missing Values,in NIA0 algorithm in Security Mode Command
- Description
In NIA0 algorithm in Security Mode Command, there is a possible missing verification incorrect input. This could lead to remote information disclosure no additional execution privileges needed
- Technology Area Modem
- Vulnerability Type cwe-230 Improper Handling of Missing Values
- Access Vector Network
- CVSS Rating Medium
- CVSS Score 6.4
- CVSS String CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L
- Affected Chipsets*
T760/T770/T820/S8000
- Affected Software Versions
Android11/Android12/Android13
- CVE ID CVE-2023-33915
- Title Improper Check or Handling of Exceptional Conditions,in LTE protocol stack
- Description
In LTE protocol stack, there is a possible missing permission check. This could lead to remote information disclosure no additional execution privileges needed
- Technology Area Modem
- Vulnerability Type cwe-703 Improper Check or Handling of Exceptional Conditions
- Access Vector Adjacent
- CVSS Rating Medium
- CVSS Score 4.2
- CVSS String CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
- Affected Chipsets*
T760/T770/T820/S8000
- Affected Software Versions
Android11
*The list of affected chipsets may not be complete. For latest information, device OEMs can contact directly at https://unisupport.unisoc.com
- Abbreviation Interpretation
- RCE Remote Code Execution
- EoP Elevation of Privilege
- ID Information Disclosure
- DoS Denial of Service
- N/A Classification not available
- Version Date Description
- 1.0 2023-09-03