Skip to main content

CVE-2022-39097: CWE-862 Missing Authorization in Unisoc (Shanghai) Technologies Co., Ltd. SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000

High
Published: Tue Dec 06 2022 (12/06/2022, 00:00:00 UTC)
Source: CVE
Vendor/Project: Unisoc (Shanghai) Technologies Co., Ltd.
Product: SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000

Description

In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.

AI-Powered Analysis

AILast updated: 06/21/2025, 19:25:12 UTC

Technical Analysis

CVE-2022-39097 is a high-severity vulnerability identified in the power management service of several Unisoc (Shanghai) Technologies Co., Ltd. chipsets, including SC9863A, SC9832E, SC7731E, T610, T310, T606, T760, T618, T612, T616, T770, T820, and S8000. These chipsets are integrated into devices running Android 10, 11, and 12. The root cause of the vulnerability is a missing authorization check (CWE-862) within the power management service, which allows an attacker with limited privileges (low-level privileges) to configure or manipulate the power management service without requiring additional execution privileges or user interaction. The vulnerability has a CVSS v3.1 base score of 7.8, indicating high severity, with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. This means the attack requires local access (local vector), low attack complexity, and low privileges but no user interaction. The impact on confidentiality, integrity, and availability is high, as an attacker can potentially escalate privileges or disrupt power management functions, leading to system instability, denial of service, or unauthorized control over device power states. The vulnerability affects a broad range of Unisoc chipsets commonly used in budget and mid-range smartphones, tablets, and IoT devices. No public exploits are currently known in the wild, and no official patches have been linked yet, though the vulnerability was reserved in early September 2022 and published in December 2022. The missing authorization check in a critical system service like power management poses a significant risk, especially given the widespread deployment of affected chipsets in consumer and industrial devices running Android versions 10 through 12.

Potential Impact

For European organizations, the vulnerability presents a significant risk primarily in environments where devices powered by Unisoc chipsets are deployed. This includes sectors relying on cost-effective Android devices such as telecommunications, retail, logistics, and certain IoT deployments. Exploitation could lead to unauthorized privilege escalation, allowing attackers to manipulate device power states, potentially causing denial of service or persistent compromise. This could disrupt business operations, especially in critical infrastructure or supply chain contexts where device availability and integrity are paramount. Additionally, compromised devices could serve as footholds for lateral movement within corporate networks, increasing the risk of broader cyberattacks. The high impact on confidentiality, integrity, and availability means sensitive data on affected devices could be exposed or altered. Given the lack of user interaction required and the low privilege needed to exploit, insider threats or malware already present on devices could leverage this vulnerability effectively. The absence of known exploits in the wild reduces immediate risk but does not eliminate the threat, especially as threat actors often reverse-engineer disclosed vulnerabilities to develop exploits.

Mitigation Recommendations

1. Inventory and Identification: European organizations should identify all devices using Unisoc chipsets listed in the vulnerability, focusing on Android 10-12 devices. 2. Firmware and OS Updates: Engage with device manufacturers and vendors to obtain and deploy firmware or OS patches addressing CVE-2022-39097 as soon as they become available. 3. Access Controls: Restrict local access to devices, especially in sensitive environments, to limit opportunities for attackers to exploit the vulnerability. 4. Endpoint Security: Deploy endpoint detection and response (EDR) solutions capable of monitoring unusual power management service behavior or privilege escalation attempts. 5. Network Segmentation: Isolate devices with Unisoc chipsets from critical network segments to contain potential compromises. 6. Application Whitelisting: Limit installation and execution of unauthorized applications that could exploit this vulnerability. 7. User Awareness and Policies: Educate users about risks of local device access and enforce policies to prevent unauthorized physical or remote access. 8. Monitor Vendor Communications: Stay updated with Unisoc and device manufacturers for patches and advisories. 9. Incident Response Preparedness: Prepare for potential exploitation scenarios by updating incident response plans to include this vulnerability. These steps go beyond generic advice by emphasizing device inventory, vendor engagement, and network-level controls tailored to the specific chipset and vulnerability context.

Need more detailed analysis?Get Pro

Technical Details

Data Version
5.1
Assigner Short Name
Unisoc
Date Reserved
2022-09-01T00:00:00.000Z
Cisa Enriched
true

Threat ID: 682d9847c4522896dcbf58c2

Added to database: 5/21/2025, 9:09:27 AM

Last enriched: 6/21/2025, 7:25:12 PM

Last updated: 8/13/2025, 8:22:23 AM

Views: 15

Actions

PRO

Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.

Please log in to the Console to use AI analysis features.

Need enhanced features?

Contact root@offseq.com for Pro access with improved analysis and higher rate limits.

Latest Threats