Lucene search

UnisocCVE-2022-47324

HistoryFeb 12, 2023 - 4:15 a.m.

CVE-2022-47324

2023-02-1204:15:17

CWE-862

Unisoc

web.nvd.nist.gov

cve-2022-47324

wlan driver

local information disclosure

missing permission check

nvd

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

AI Score

5.1

Confidence

High

EPSS

Percentile

5.1%

JSON

In wlan driver, there is a possible missing permission check. This could lead to local information disclosure.

Affected configurations

Nvd

Node

googleandroidMatch10.0

googleandroidMatch11.0

googleandroidMatch12.0

AND

unisocs8000Match-

unisocsc7731eMatch-

unisocsc9832eMatch-

unisocsc9863aMatch-

unisoct310Match-

unisoct606Match-

unisoct610Match-

unisoct612Match-

unisoct616Match-

unisoct618Match-

unisoct760Match-

unisoct770Match-

unisoct820Match-

VendorProductVersionCPE
googleandroid10.0cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*
googleandroid11.0cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*
googleandroid12.0cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*
unisocs8000-cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*
unisocsc7731e-cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*
unisocsc9832e-cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*
unisocsc9863a-cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*
unisoct310-cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*
unisoct606-cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*
unisoct610-cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
google	android	10.0	cpe:2.3:o:google:android:10.0:::::::*
google	android	11.0	cpe:2.3:o:google:android:11.0:::::::*
google	android	12.0	cpe:2.3:o:google:android:12.0:::::::*
unisoc	s8000	-	cpe:2.3:h:unisoc:s8000:-:::::::*
unisoc	sc7731e	-	cpe:2.3:h:unisoc:sc7731e:-:::::::*
unisoc	sc9832e	-	cpe:2.3:h:unisoc:sc9832e:-:::::::*
unisoc	sc9863a	-	cpe:2.3:h:unisoc:sc9863a:-:::::::*
unisoc	t310	-	cpe:2.3:h:unisoc:t310:-:::::::*
unisoc	t606	-	cpe:2.3:h:unisoc:t606:-:::::::*
unisoc	t610	-	cpe:2.3:h:unisoc:t610:-:::::::*

Rows per page:

1-10 of 161

CNA Affected

[
  {
    "vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
    "product": "SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000",
    "versions": [
      {
        "status": "affected",
        "version": "Android10/Android11/Android12"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

References

www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

AI Score

5.1

Confidence

High

EPSS

Percentile

5.1%

JSON

Related for CVE-2022-47324