Multiple vulnerabilities in Unisoc chipsets
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 5 |
| CVE-ID | CVE-2024-39435 CVE-2024-39434 CVE-2024-39433 CVE-2024-39432 CVE-2024-39431 |
| CWE-ID | CWE-77 CWE-125 CWE-787 CWE-121 |
| Exploitation vector | Local network |
| Public exploit | N/A |
| Vulnerable software |
SC7731E Mobile applications / Mobile firmware & hardware SC9832E Mobile applications / Mobile firmware & hardware SC9863A Mobile applications / Mobile firmware & hardware T310 Mobile applications / Mobile firmware & hardware T606 Mobile applications / Mobile firmware & hardware T612 Mobile applications / Mobile firmware & hardware T616 Mobile applications / Mobile firmware & hardware T610 Mobile applications / Mobile firmware & hardware T618 Mobile applications / Mobile firmware & hardware T760 Mobile applications / Mobile firmware & hardware T770 Mobile applications / Mobile firmware & hardware T820 Mobile applications / Mobile firmware & hardware S8000 Mobile applications / Mobile firmware & hardware |
| Vendor | UNISOC |
Security Bulletin
This security bulletin contains information about 5 vulnerabilities.
1) Command injection
EUVDB-ID: #VU96750
Risk: Low
CVSSv4.0: 4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-39435
CWE-ID:
CWE-77 - Command injection
Exploit availability: No
DescriptionThe vulnerability allows a local privileged application to execute arbitrary code.
The vulnerability exists due to a possible missing verification incorrect input within the Logmanager service in Android. A local privileged application can execute arbitrary code.
MitigationInstall security update from vendor's website.
Vulnerable software versionsSC7731E: All versions
SC9832E: All versions
SC9863A: All versions
T310: All versions
T606: All versions
T612: All versions
T616: All versions
T610: All versions
T618: All versions
T760: All versions
T770: All versions
T820: All versions
S8000: All versions
CPE2.3- cpe:2.3:a:unisoc:sc7731e:*:*:*:*:*:*:*:*
- cpe:2.3:a:unisoc:sc9832e:*:*:*:*:*:*:*:*
- cpe:2.3:a:unisoc:sc9863a:*:*:*:*:*:*:*:*
- cpe:2.3:a:unisoc:t310:*:*:*:*:*:*:*:*
- cpe:2.3:a:unisoc:t606:*:*:*:*:*:*:*:*
- cpe:2.3:a:unisoc:t612:*:*:*:*:*:*:*:*
- cpe:2.3:a:unisoc:t616:*:*:*:*:*:*:*:*
- cpe:2.3:a:unisoc:t610:*:*:*:*:*:*:*:*
- cpe:2.3:a:unisoc:t618:*:*:*:*:*:*:*:*
- cpe:2.3:a:unisoc:t760:*:*:*:*:*:*:*:*
- cpe:2.3:a:unisoc:t770:*:*:*:*:*:*:*:*
- cpe:2.3:a:unisoc:t820:*:*:*:*:*:*:*:*
- cpe:2.3:a:unisoc:s8000:*:*:*:*:*:*:*:*
https://www.unisoc.com/en_us/secy/announcementDetail/1830802995705610241
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Out-of-bounds read
EUVDB-ID: #VU96751
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-39434
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local application to perform a denial of service (DoS) attack.
The vulnerability exists due to a possible out of bounds read due to a missing bounds check within the media service in Android. A local application can perform a denial of service (DoS) attack.
MitigationInstall security update from vendor's website.
Vulnerable software versionsT606: All versions
T612: All versions
T616: All versions
T610: All versions
T618: All versions
T760: All versions
T770: All versions
T820: All versions
S8000: All versions
CPE2.3- cpe:2.3:a:unisoc:t606:*:*:*:*:*:*:*:*
- cpe:2.3:a:unisoc:t612:*:*:*:*:*:*:*:*
- cpe:2.3:a:unisoc:t616:*:*:*:*:*:*:*:*
- cpe:2.3:a:unisoc:t610:*:*:*:*:*:*:*:*
- cpe:2.3:a:unisoc:t618:*:*:*:*:*:*:*:*
- cpe:2.3:a:unisoc:t760:*:*:*:*:*:*:*:*
- cpe:2.3:a:unisoc:t770:*:*:*:*:*:*:*:*
- cpe:2.3:a:unisoc:t820:*:*:*:*:*:*:*:*
- cpe:2.3:a:unisoc:s8000:*:*:*:*:*:*:*:*
https://www.unisoc.com/en_us/secy/announcementDetail/1830802995705610241
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Out-of-bounds write
EUVDB-ID: #VU96752
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-39433
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a local application to perform a denial of service (DoS) attack.
The vulnerability exists due to a possible out of bounds write due to a missing bounds check within the media service in Android. A local application can perform a denial of service (DoS) attack.
MitigationInstall security update from vendor's website.
Vulnerable software versionsT606: All versions
T612: All versions
T616: All versions
T610: All versions
T618: All versions
T760: All versions
T770: All versions
T820: All versions
S8000: All versions
CPE2.3- cpe:2.3:a:unisoc:t606:*:*:*:*:*:*:*:*
- cpe:2.3:a:unisoc:t612:*:*:*:*:*:*:*:*
- cpe:2.3:a:unisoc:t616:*:*:*:*:*:*:*:*
- cpe:2.3:a:unisoc:t610:*:*:*:*:*:*:*:*
- cpe:2.3:a:unisoc:t618:*:*:*:*:*:*:*:*
- cpe:2.3:a:unisoc:t760:*:*:*:*:*:*:*:*
- cpe:2.3:a:unisoc:t770:*:*:*:*:*:*:*:*
- cpe:2.3:a:unisoc:t820:*:*:*:*:*:*:*:*
- cpe:2.3:a:unisoc:s8000:*:*:*:*:*:*:*:*
https://www.unisoc.com/en_us/secy/announcementDetail/1830802995705610241
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Stack-based buffer overflow
EUVDB-ID: #VU96753
Risk: High
CVSSv4.0: 5.2 [CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2024-39432
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code.
The vulnerability exists due to a possible out of bounds read due to a missing bounds check within the UMTS RLC driver in Modem. A remote attacker can execute arbitrary code.
MitigationInstall security update from vendor's website.
Vulnerable software versionsSC7731E: All versions
SC9832E: All versions
SC9863A: All versions
T310: All versions
T606: All versions
T612: All versions
T616: All versions
T610: All versions
T618: All versions
T760: All versions
T770: All versions
T820: All versions
S8000: All versions
CPE2.3- cpe:2.3:a:unisoc:sc7731e:*:*:*:*:*:*:*:*
- cpe:2.3:a:unisoc:sc9832e:*:*:*:*:*:*:*:*
- cpe:2.3:a:unisoc:sc9863a:*:*:*:*:*:*:*:*
- cpe:2.3:a:unisoc:t310:*:*:*:*:*:*:*:*
- cpe:2.3:a:unisoc:t606:*:*:*:*:*:*:*:*
- cpe:2.3:a:unisoc:t612:*:*:*:*:*:*:*:*
- cpe:2.3:a:unisoc:t616:*:*:*:*:*:*:*:*
- cpe:2.3:a:unisoc:t610:*:*:*:*:*:*:*:*
- cpe:2.3:a:unisoc:t618:*:*:*:*:*:*:*:*
- cpe:2.3:a:unisoc:t760:*:*:*:*:*:*:*:*
- cpe:2.3:a:unisoc:t770:*:*:*:*:*:*:*:*
- cpe:2.3:a:unisoc:t820:*:*:*:*:*:*:*:*
- cpe:2.3:a:unisoc:s8000:*:*:*:*:*:*:*:*
https://www.unisoc.com/en_us/secy/announcementDetail/1830802995705610241
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Stack-based buffer overflow
EUVDB-ID: #VU96754
Risk: High
CVSSv4.0: 5.2 [CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2024-39431
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code.
The vulnerability exists due to a possible out of bounds write due to a missing bounds check within the UMTS RLC driver in Modem. A remote attacker can execute arbitrary code.
MitigationInstall security update from vendor's website.
Vulnerable software versionsSC7731E: All versions
SC9832E: All versions
SC9863A: All versions
T310: All versions
T606: All versions
T612: All versions
T616: All versions
T610: All versions
T618: All versions
T760: All versions
T770: All versions
T820: All versions
S8000: All versions
CPE2.3- cpe:2.3:a:unisoc:sc7731e:*:*:*:*:*:*:*:*
- cpe:2.3:a:unisoc:sc9832e:*:*:*:*:*:*:*:*
- cpe:2.3:a:unisoc:sc9863a:*:*:*:*:*:*:*:*
- cpe:2.3:a:unisoc:t310:*:*:*:*:*:*:*:*
- cpe:2.3:a:unisoc:t606:*:*:*:*:*:*:*:*
- cpe:2.3:a:unisoc:t612:*:*:*:*:*:*:*:*
- cpe:2.3:a:unisoc:t616:*:*:*:*:*:*:*:*
- cpe:2.3:a:unisoc:t610:*:*:*:*:*:*:*:*
- cpe:2.3:a:unisoc:t618:*:*:*:*:*:*:*:*
- cpe:2.3:a:unisoc:t760:*:*:*:*:*:*:*:*
- cpe:2.3:a:unisoc:t770:*:*:*:*:*:*:*:*
- cpe:2.3:a:unisoc:t820:*:*:*:*:*:*:*:*
- cpe:2.3:a:unisoc:s8000:*:*:*:*:*:*:*:*
https://www.unisoc.com/en_us/secy/announcementDetail/1830802995705610241
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
