CVE-2023-40654

Description

In FW-PackageManager, there is a possible missing permission check. This could lead to local escalation of privilege with System execution privileges needed

CVSS breakdown

CVSS 3.1

Attack Vector

Local

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Affected products

Unisoc (Shanghai) Technologies Co., Ltd. / SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000Android11 – Android11

References

MISChttps://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1707266966118531074