CVE-2022-39094: CWE-862 Missing Authorization in Unisoc (Shanghai) Technologies Co., Ltd. SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000
In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.
AI Analysis
Technical Summary
CVE-2022-39094 is a high-severity vulnerability identified in multiple Unisoc (Shanghai) Technologies Co., Ltd. chipsets, including SC9863A, SC9832E, SC7731E, and a range of T-series and S-series models (e.g., T610, T310, T606, T760, T618, T612, T616, T770, T820, S8000). These chipsets are embedded in devices running Android versions 10, 11, and 12. The vulnerability stems from a missing authorization check within the power management service. Specifically, the service fails to verify permissions before allowing configuration changes, enabling an attacker with limited privileges (local access with low privileges) to manipulate power management settings without requiring additional execution privileges or user interaction. The CVSS 3.1 base score of 7.8 reflects the vulnerability’s high impact on confidentiality, integrity, and availability, as exploitation could lead to unauthorized control over power management functions, potentially allowing privilege escalation, denial of service, or disruption of device operation. The attack vector is local (AV:L), requiring low complexity (AC:L) and low privileges (PR:L), but no user interaction (UI:N). No known exploits are currently reported in the wild, and no patches have been linked yet. The vulnerability is categorized under CWE-862 (Missing Authorization), indicating a failure to enforce proper access control in critical system services.
Potential Impact
For European organizations, the impact of CVE-2022-39094 can be significant, especially for those relying on devices powered by Unisoc chipsets running affected Android versions. The vulnerability could be exploited by malicious insiders or malware with local access to escalate privileges or disrupt device functionality by manipulating power management settings. This could lead to device instability, denial of service, or unauthorized access to sensitive data, impacting mobile workforce productivity and security. Industries with high reliance on mobile devices, such as telecommunications, manufacturing, healthcare, and government sectors, may face operational disruptions or data breaches. Additionally, since power management controls are critical for device stability and battery management, exploitation could cause unexpected shutdowns or hardware damage, increasing maintenance costs and downtime. The lack of required user interaction and low privilege needed for exploitation heightens the risk in environments where devices may be physically accessible or compromised through other means. The absence of known exploits currently provides a window for proactive mitigation before widespread attacks occur.
Mitigation Recommendations
1. Inventory and Identify: Organizations should identify all devices using Unisoc chipsets listed (SC9863A, SC9832E, SC7731E, T-series, and S-series) running Android 10, 11, or 12. 2. Firmware and OS Updates: Engage with device manufacturers and Unisoc to obtain and apply official patches or firmware updates addressing this vulnerability as soon as they become available. 3. Access Controls: Restrict local access to devices, especially in sensitive environments, to prevent unauthorized users from exploiting the vulnerability. 4. Endpoint Security: Deploy mobile device management (MDM) solutions that can enforce security policies, monitor for unusual power management changes, and restrict installation of untrusted applications that could leverage this flaw. 5. Network Segmentation: Limit network access for mobile devices to critical infrastructure, reducing the impact if a device is compromised. 6. Monitoring and Detection: Implement behavioral monitoring to detect anomalies in power management service behavior or device stability issues that could indicate exploitation attempts. 7. User Awareness: Train users on the risks of physical device access and encourage reporting of suspicious device behavior. 8. Incident Response Preparedness: Develop and test response plans for potential exploitation scenarios involving device instability or unauthorized access. These steps go beyond generic advice by focusing on device-specific inventory, proactive vendor engagement, and layered security controls tailored to the nature of the vulnerability.
Affected Countries
Germany, France, United Kingdom, Italy, Spain, Poland, Netherlands, Belgium, Sweden, Finland
CVE-2022-39094: CWE-862 Missing Authorization in Unisoc (Shanghai) Technologies Co., Ltd. SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000
Description
In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.
AI-Powered Analysis
Technical Analysis
CVE-2022-39094 is a high-severity vulnerability identified in multiple Unisoc (Shanghai) Technologies Co., Ltd. chipsets, including SC9863A, SC9832E, SC7731E, and a range of T-series and S-series models (e.g., T610, T310, T606, T760, T618, T612, T616, T770, T820, S8000). These chipsets are embedded in devices running Android versions 10, 11, and 12. The vulnerability stems from a missing authorization check within the power management service. Specifically, the service fails to verify permissions before allowing configuration changes, enabling an attacker with limited privileges (local access with low privileges) to manipulate power management settings without requiring additional execution privileges or user interaction. The CVSS 3.1 base score of 7.8 reflects the vulnerability’s high impact on confidentiality, integrity, and availability, as exploitation could lead to unauthorized control over power management functions, potentially allowing privilege escalation, denial of service, or disruption of device operation. The attack vector is local (AV:L), requiring low complexity (AC:L) and low privileges (PR:L), but no user interaction (UI:N). No known exploits are currently reported in the wild, and no patches have been linked yet. The vulnerability is categorized under CWE-862 (Missing Authorization), indicating a failure to enforce proper access control in critical system services.
Potential Impact
For European organizations, the impact of CVE-2022-39094 can be significant, especially for those relying on devices powered by Unisoc chipsets running affected Android versions. The vulnerability could be exploited by malicious insiders or malware with local access to escalate privileges or disrupt device functionality by manipulating power management settings. This could lead to device instability, denial of service, or unauthorized access to sensitive data, impacting mobile workforce productivity and security. Industries with high reliance on mobile devices, such as telecommunications, manufacturing, healthcare, and government sectors, may face operational disruptions or data breaches. Additionally, since power management controls are critical for device stability and battery management, exploitation could cause unexpected shutdowns or hardware damage, increasing maintenance costs and downtime. The lack of required user interaction and low privilege needed for exploitation heightens the risk in environments where devices may be physically accessible or compromised through other means. The absence of known exploits currently provides a window for proactive mitigation before widespread attacks occur.
Mitigation Recommendations
1. Inventory and Identify: Organizations should identify all devices using Unisoc chipsets listed (SC9863A, SC9832E, SC7731E, T-series, and S-series) running Android 10, 11, or 12. 2. Firmware and OS Updates: Engage with device manufacturers and Unisoc to obtain and apply official patches or firmware updates addressing this vulnerability as soon as they become available. 3. Access Controls: Restrict local access to devices, especially in sensitive environments, to prevent unauthorized users from exploiting the vulnerability. 4. Endpoint Security: Deploy mobile device management (MDM) solutions that can enforce security policies, monitor for unusual power management changes, and restrict installation of untrusted applications that could leverage this flaw. 5. Network Segmentation: Limit network access for mobile devices to critical infrastructure, reducing the impact if a device is compromised. 6. Monitoring and Detection: Implement behavioral monitoring to detect anomalies in power management service behavior or device stability issues that could indicate exploitation attempts. 7. User Awareness: Train users on the risks of physical device access and encourage reporting of suspicious device behavior. 8. Incident Response Preparedness: Develop and test response plans for potential exploitation scenarios involving device instability or unauthorized access. These steps go beyond generic advice by focusing on device-specific inventory, proactive vendor engagement, and layered security controls tailored to the nature of the vulnerability.
For access to advanced analysis and higher rate limits, contact root@offseq.com
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- Unisoc
- Date Reserved
- 2022-09-01T00:00:00.000Z
- Cisa Enriched
- true
Threat ID: 682d9847c4522896dcbf58b6
Added to database: 5/21/2025, 9:09:27 AM
Last enriched: 6/21/2025, 7:36:30 PM
Last updated: 7/27/2025, 12:28:24 AM
Views: 11
Related Threats
CVE-2025-8314: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in emarket-design Project Management, Bug and Issue Tracking Plugin – Software Issue Manager
MediumCVE-2025-8059: CWE-862 Missing Authorization in bplugins B Blocks – The ultimate block collection
CriticalCVE-2025-8690: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in addix Simple Responsive Slider
MediumCVE-2025-8688: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in ebernstein Inline Stock Quotes
MediumCVE-2025-8685: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in emilien Wp chart generator
MediumActions
Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.
External Links
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.