Skip to main content

CVE-2022-39096: CWE-862 Missing Authorization in Unisoc (Shanghai) Technologies Co., Ltd. SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000

High
Published: Tue Dec 06 2022 (12/06/2022, 00:00:00 UTC)
Source: CVE
Vendor/Project: Unisoc (Shanghai) Technologies Co., Ltd.
Product: SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000

Description

In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.

AI-Powered Analysis

AILast updated: 06/21/2025, 19:25:28 UTC

Technical Analysis

CVE-2022-39096 is a high-severity vulnerability identified in the power management service of several Unisoc (Shanghai) Technologies Co., Ltd. chipsets, including SC9863A, SC9832E, SC7731E, and multiple T-series models (T310, T606, T610, T618, T612, T616, T760, T770, T820, S8000). These chipsets are integrated into devices running Android versions 10, 11, and 12. The root cause of the vulnerability is a missing authorization check (CWE-862) within the power management service, which allows an attacker with limited privileges (low-level privileges) to configure or manipulate power management settings without requiring additional execution privileges or user interaction. The CVSS 3.1 base score of 7.8 reflects the significant impact on confidentiality, integrity, and availability, with the attack vector being local (AV:L), low attack complexity (AC:L), requiring low privileges (PR:L), and no user interaction (UI:N). The vulnerability scope is unchanged (S:U), meaning the impact is confined to the vulnerable component. Exploitation could lead to unauthorized control over power management functions, potentially allowing privilege escalation, denial of service through power mismanagement, or disruption of device stability and operation. Although no known exploits are currently reported in the wild, the vulnerability's characteristics make it a critical concern for devices using affected Unisoc chipsets, especially in environments where local access or compromised applications exist. The absence of patches at the time of reporting further increases the risk profile for affected devices.

Potential Impact

For European organizations, the impact of CVE-2022-39096 can be significant, particularly for those relying on mobile devices or embedded systems powered by Unisoc chipsets running Android 10-12. The vulnerability could enable attackers to manipulate device power management, leading to potential denial of service, reduced device availability, or unauthorized privilege escalation. This could disrupt business operations, especially in sectors dependent on mobile communications, IoT devices, or embedded systems such as manufacturing, logistics, and critical infrastructure monitoring. Confidentiality and integrity of data on affected devices could also be compromised if attackers leverage this vulnerability to escalate privileges and access sensitive information or inject malicious code. The local attack vector suggests that insider threats or malware with limited privileges could exploit this flaw, increasing the risk in environments with less stringent endpoint security controls. Given the widespread use of Android devices across European enterprises and public sector organizations, the vulnerability poses a tangible risk to operational continuity and data security.

Mitigation Recommendations

1. Immediate device inventory and identification: Organizations should identify all devices using Unisoc chipsets listed (SC9863A, SC9832E, SC7731E, T-series models) running Android 10, 11, or 12. 2. Apply vendor updates: Monitor Unisoc and device manufacturers for security patches addressing CVE-2022-39096 and apply them promptly once available. 3. Restrict local access: Enforce strict access controls on devices to prevent unauthorized local access, including disabling or limiting debug interfaces and restricting installation of untrusted applications. 4. Harden endpoint security: Deploy endpoint detection and response (EDR) solutions capable of detecting anomalous behavior related to power management service manipulation. 5. Implement application whitelisting: Prevent installation or execution of unauthorized applications that could exploit the vulnerability. 6. Monitor device logs: Enable detailed logging of power management service activities and monitor for unusual configuration changes indicative of exploitation attempts. 7. Network segmentation: Isolate critical devices to limit lateral movement in case of compromise. 8. User awareness and training: Educate users on risks of installing untrusted applications and the importance of device security hygiene. These measures, combined with timely patching, will reduce the attack surface and mitigate exploitation risks.

Need more detailed analysis?Get Pro

Technical Details

Data Version
5.1
Assigner Short Name
Unisoc
Date Reserved
2022-09-01T00:00:00.000Z
Cisa Enriched
true

Threat ID: 682d9847c4522896dcbf58be

Added to database: 5/21/2025, 9:09:27 AM

Last enriched: 6/21/2025, 7:25:28 PM

Last updated: 8/11/2025, 6:45:58 AM

Views: 12

Actions

PRO

Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.

Please log in to the Console to use AI analysis features.

Need enhanced features?

Contact root@offseq.com for Pro access with improved analysis and higher rate limits.

Latest Threats