The UNISOC chipset through 2022-03-15 allows attackers to obtain remote control of a mobile phone, e.g., to obtain sensitive information from text messages or the device's screen, record video of the device's physical environment, or modify data.
9.8CVSS
9AI Score
0.002EPSS
In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
5.5CVSS
5.2AI Score
0.0004EPSS