CVE-2022-39107: CWE-862 Missing Authorization in Unisoc (Shanghai) Technologies Co., Ltd. SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000
In Soundrecorder service, there is a missing permission check. This could lead to elevation of privilege in Soundrecorder service with no additional execution privileges needed.
AI Analysis
Technical Summary
CVE-2022-39107 is a high-severity vulnerability affecting multiple Unisoc (Shanghai) Technologies Co., Ltd. chipsets including SC9863A, SC9832E, SC7731E, and various T-series models (T610, T310, T606, T760, T618, T612, T616, T770, T820, S8000). The vulnerability resides in the Soundrecorder service on devices running Android 10, 11, and 12. Specifically, the issue is a missing permission check (CWE-862) within the Soundrecorder service, which allows an attacker with limited privileges (low-level privileges) to elevate their privileges without requiring additional execution privileges or user interaction. The CVSS v3.1 base score is 7.8, indicating a high severity with impacts on confidentiality, integrity, and availability. The attack vector is local (AV:L), requiring the attacker to have some level of access to the device, but the attack complexity is low (AC:L), and no user interaction is needed (UI:N). The vulnerability allows an attacker to gain higher privileges within the device, potentially enabling unauthorized access to sensitive audio recordings or other system components controlled by the Soundrecorder service. No known exploits are currently reported in the wild, and no official patches have been linked yet. The vulnerability affects a broad range of Unisoc chipsets commonly used in budget and mid-range smartphones, many of which are deployed globally, including in Europe. The lack of authorization checks in a core media service represents a significant security risk, as it could be leveraged by malicious applications or local attackers to compromise device security and user privacy.
Potential Impact
For European organizations, especially those relying on mobile devices powered by Unisoc chipsets, this vulnerability poses a significant risk. The elevation of privilege could allow attackers to bypass security controls, access or manipulate sensitive audio data, or potentially pivot to other system components. This could lead to breaches of confidentiality (e.g., unauthorized audio recordings), integrity (e.g., tampering with recorded data), and availability (e.g., disrupting sound recording functionality). Enterprises with bring-your-own-device (BYOD) policies or those deploying Unisoc-based devices in their workforce could face increased risk of insider threats or malware exploiting this vulnerability. Additionally, sectors with high privacy and security requirements such as finance, healthcare, and government agencies in Europe could be particularly impacted if devices with this chipset are used. The vulnerability's local attack vector means physical or local access is needed, but given the widespread use of these chipsets in consumer devices, the attack surface is broad. The absence of user interaction requirement further lowers the barrier for exploitation once local access is obtained.
Mitigation Recommendations
1. Monitor for official security patches or firmware updates from device manufacturers or Unisoc and apply them promptly once available. 2. Restrict installation of untrusted or unauthorized applications on devices using Unisoc chipsets to reduce the risk of local privilege escalation. 3. Employ mobile device management (MDM) solutions to enforce strict application whitelisting and permission controls, limiting access to the Soundrecorder service. 4. Educate users about the risks of installing apps from unknown sources and the importance of device security hygiene. 5. For organizations deploying Unisoc-based devices, consider network segmentation and endpoint detection solutions to monitor for suspicious local activity indicative of exploitation attempts. 6. Where possible, disable or restrict the Soundrecorder service if not required for business operations to reduce the attack surface. 7. Conduct regular security audits and vulnerability assessments on mobile devices to detect potential exploitation or privilege escalation attempts related to this vulnerability.
Affected Countries
Germany, France, Italy, Spain, United Kingdom, Poland, Netherlands, Belgium, Sweden, Czech Republic
CVE-2022-39107: CWE-862 Missing Authorization in Unisoc (Shanghai) Technologies Co., Ltd. SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000
Description
In Soundrecorder service, there is a missing permission check. This could lead to elevation of privilege in Soundrecorder service with no additional execution privileges needed.
AI-Powered Analysis
Technical Analysis
CVE-2022-39107 is a high-severity vulnerability affecting multiple Unisoc (Shanghai) Technologies Co., Ltd. chipsets including SC9863A, SC9832E, SC7731E, and various T-series models (T610, T310, T606, T760, T618, T612, T616, T770, T820, S8000). The vulnerability resides in the Soundrecorder service on devices running Android 10, 11, and 12. Specifically, the issue is a missing permission check (CWE-862) within the Soundrecorder service, which allows an attacker with limited privileges (low-level privileges) to elevate their privileges without requiring additional execution privileges or user interaction. The CVSS v3.1 base score is 7.8, indicating a high severity with impacts on confidentiality, integrity, and availability. The attack vector is local (AV:L), requiring the attacker to have some level of access to the device, but the attack complexity is low (AC:L), and no user interaction is needed (UI:N). The vulnerability allows an attacker to gain higher privileges within the device, potentially enabling unauthorized access to sensitive audio recordings or other system components controlled by the Soundrecorder service. No known exploits are currently reported in the wild, and no official patches have been linked yet. The vulnerability affects a broad range of Unisoc chipsets commonly used in budget and mid-range smartphones, many of which are deployed globally, including in Europe. The lack of authorization checks in a core media service represents a significant security risk, as it could be leveraged by malicious applications or local attackers to compromise device security and user privacy.
Potential Impact
For European organizations, especially those relying on mobile devices powered by Unisoc chipsets, this vulnerability poses a significant risk. The elevation of privilege could allow attackers to bypass security controls, access or manipulate sensitive audio data, or potentially pivot to other system components. This could lead to breaches of confidentiality (e.g., unauthorized audio recordings), integrity (e.g., tampering with recorded data), and availability (e.g., disrupting sound recording functionality). Enterprises with bring-your-own-device (BYOD) policies or those deploying Unisoc-based devices in their workforce could face increased risk of insider threats or malware exploiting this vulnerability. Additionally, sectors with high privacy and security requirements such as finance, healthcare, and government agencies in Europe could be particularly impacted if devices with this chipset are used. The vulnerability's local attack vector means physical or local access is needed, but given the widespread use of these chipsets in consumer devices, the attack surface is broad. The absence of user interaction requirement further lowers the barrier for exploitation once local access is obtained.
Mitigation Recommendations
1. Monitor for official security patches or firmware updates from device manufacturers or Unisoc and apply them promptly once available. 2. Restrict installation of untrusted or unauthorized applications on devices using Unisoc chipsets to reduce the risk of local privilege escalation. 3. Employ mobile device management (MDM) solutions to enforce strict application whitelisting and permission controls, limiting access to the Soundrecorder service. 4. Educate users about the risks of installing apps from unknown sources and the importance of device security hygiene. 5. For organizations deploying Unisoc-based devices, consider network segmentation and endpoint detection solutions to monitor for suspicious local activity indicative of exploitation attempts. 6. Where possible, disable or restrict the Soundrecorder service if not required for business operations to reduce the attack surface. 7. Conduct regular security audits and vulnerability assessments on mobile devices to detect potential exploitation or privilege escalation attempts related to this vulnerability.
For access to advanced analysis and higher rate limits, contact root@offseq.com
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- Unisoc
- Date Reserved
- 2022-09-01T00:00:00.000Z
- Cisa Enriched
- true
- Cvss Version
- 3.1
- State
- PUBLISHED
Threat ID: 682cd0fb1484d88663aec6a0
Added to database: 5/20/2025, 6:59:07 PM
Last enriched: 7/6/2025, 11:26:28 AM
Last updated: 8/14/2025, 2:22:43 AM
Views: 14
Related Threats
CVE-2025-8967: SQL Injection in itsourcecode Online Tour and Travel Management System
MediumCVE-2025-54867: CWE-61: UNIX Symbolic Link (Symlink) Following in youki-dev youki
HighCVE-2025-8966: SQL Injection in itsourcecode Online Tour and Travel Management System
MediumCVE-2025-8965: Unrestricted Upload in linlinjava litemall
MediumCVE-2025-36047: CWE-770 Allocation of Resources Without Limits or Throttling in IBM WebSphere Application Server Liberty
MediumActions
Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.
External Links
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.