CVE-2022-27250

The UNISOC chipset through 2022-03-15 allows attackers to obtain remote control of a mobile phone, e.g., to obtain sensitive information from text messages or the device's screen, record video of the device's physical environment, or modify data.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
unisocunisoc_chipset
𝑥
≤ 2022-03-15
𝑥
= Vulnerable software versions
References
https://www.kryptowire.com/news/kryptowire-identifies-vulnerability-in-unisoc-chipset/
https://www.kryptowire.com/news/kryptowire-identifies-vulnerability-in-unisoc-chipset/