exploitDog

CVE-2022-27250

Опубликовано: 18 мар. 2022

Источник: nvd

CVSS3: 9.8

CVSS2: 10

EPSS Низкий

Описание

The UNISOC chipset through 2022-03-15 allows attackers to obtain remote control of a mobile phone, e.g., to obtain sensitive information from text messages or the device's screen, record video of the device's physical environment, or modify data.

Ссылки

https://www.kryptowire.com/news/kryptowire-identifies-vulnerability-in-unisoc-chipset/
Third Party Advisory
https://www.kryptowire.com/news/kryptowire-identifies-vulnerability-in-unisoc-chipset/
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:h:unisoc:unisoc_chipset:*:*:*:*:*:*:*:*

Версия до 2022-03-15 (включая)

EPSS

Процентиль: 57%

0.00357

Низкий

9.8 Critical

CVSS3

10 Critical

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-6p3f-7ww5-wff4

CVSS3: 9.8

github

почти 4 года назад

The UNISOC chipset through 2022-03-15 allows attackers to obtain remote control of a mobile phone, e.g., to obtain sensitive information from text messages or the device's screen, record video of the device's physical environment, or modify data.

EPSS

Процентиль: 57%

0.00357

Низкий

9.8 Critical

CVSS3

10 Critical

CVSS2

Дефекты

NVD-CWE-noinfo