In linkturbonative service, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed.
History

Thu, 17 Oct 2024 17:45:00 +0000

Type Values Removed Values Added
First Time appeared Google
Google android
CPEs cpe:2.3:o:unisoc:s8000_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:sc7731e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:sc9832e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:sc9863a_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:t310_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:t606_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:t610_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:t612_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:t616_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:t618_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:t760_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:t770_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:t820_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*
Vendors & Products Unisoc s8000 Firmware
Unisoc sc7731e Firmware
Unisoc sc9832e Firmware
Unisoc sc9863a Firmware
Unisoc t310 Firmware
Unisoc t606 Firmware
Unisoc t610 Firmware
Unisoc t612 Firmware
Unisoc t616 Firmware
Unisoc t618 Firmware
Unisoc t760 Firmware
Unisoc t770 Firmware
Unisoc t820 Firmware
Google
Google android

Thu, 17 Oct 2024 17:15:00 +0000

Type Values Removed Values Added
First Time appeared Unisoc s8000 Firmware
Unisoc sc7731e Firmware
Unisoc sc9832e Firmware
Unisoc sc9863a Firmware
Unisoc t310 Firmware
Unisoc t606 Firmware
Unisoc t610 Firmware
Unisoc t612 Firmware
Unisoc t616 Firmware
Unisoc t618 Firmware
Unisoc t760 Firmware
Unisoc t770 Firmware
Unisoc t820 Firmware
Weaknesses CWE-77
CPEs cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:s8000_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:sc7731e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:sc9832e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:sc9863a_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:t310_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:t606_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:t610_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:t612_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:t616_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:t618_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:t760_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:t770_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:unisoc:t820_firmware:-:*:*:*:*:*:*:*
Vendors & Products Unisoc s8000 Firmware
Unisoc sc7731e Firmware
Unisoc sc9832e Firmware
Unisoc sc9863a Firmware
Unisoc t310 Firmware
Unisoc t606 Firmware
Unisoc t610 Firmware
Unisoc t612 Firmware
Unisoc t616 Firmware
Unisoc t618 Firmware
Unisoc t760 Firmware
Unisoc t770 Firmware
Unisoc t820 Firmware

Wed, 09 Oct 2024 22:15:00 +0000

Type Values Removed Values Added
First Time appeared Unisoc
Unisoc s8000
Unisoc sc7731e
Unisoc sc9832e
Unisoc sc9863a
Unisoc t310
Unisoc t606
Unisoc t610
Unisoc t612
Unisoc t616
Unisoc t618
Unisoc t760
Unisoc t770
Unisoc t820
CPEs cpe:2.3:h:unisoc:s8000:*:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t760:*:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t770:*:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:t820:*:*:*:*:*:*:*:*
Vendors & Products Unisoc
Unisoc s8000
Unisoc sc7731e
Unisoc sc9832e
Unisoc sc9863a
Unisoc t310
Unisoc t606
Unisoc t610
Unisoc t612
Unisoc t616
Unisoc t618
Unisoc t760
Unisoc t770
Unisoc t820
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Wed, 09 Oct 2024 07:00:00 +0000

Type Values Removed Values Added
Description In linkturbonative service, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed.
References
Metrics cvssV3_1

{'score': 6.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H'}


cve-icon MITRE

Status: PUBLISHED

Assigner: Unisoc

Published: 2024-10-09T06:43:28.078Z

Updated: 2024-10-09T21:55:01.418Z

Reserved: 2024-06-25T06:13:32.360Z

Link: CVE-2024-39437

cve-icon Vulnrichment

Updated: 2024-10-09T21:54:51.278Z

cve-icon NVD

Status : Analyzed

Published: 2024-10-09T07:15:08.313

Modified: 2024-10-17T17:18:45.287

Link: CVE-2024-39437

cve-icon Redhat

No data.