Vulnerabilidades en Unisoc (Shanghai) Technologies Co., Ltd.

647 resultados
Análisis Vexday

Com 647 CVEs catalogadas e nenhuma presença no catálogo KEV da CISA, a Unisoc apresenta taxa de exploração ativa abaixo da média geral do catálogo, o que sugere baixa pressão ofensiva documentada no momento. O tipo de falha mais recorrente é CWE-862 (ausência de verificação de autorização), padrão que, quando explorado, permite acesso não autorizado a recursos ou funcionalidades restritas e merece atenção especial em revisões de código e hardening. A CVE mais relevante no contexto atual é CVE-2025-31715, com escore EPSS de 0,0156, indicando probabilidade de exploração ainda baixa, mas que deve ser monitorada dado seu destaque entre as ameaças ativas. As 6 vulnerabilidades surgidas nos últimos 90 dias e a ausência de PoCs públicas apontam para um perfil de risco moderado, embora a presença de 4 CVEs críticas reforce a necessidade de acompanhamento contínuo das atualizações do fabricante.

CVE-2023-38459In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional executionEPSS 0.1%CVE-2023-30920In messaging service, there is a missing permission check. This could lead to local information disclosure with no additional execution privEPSS 0.1%CVE-2023-30918In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privEPSS 0.1%CVE-2023-30938In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privEPSS 0.1%CVE-2023-38460HIGHIn vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional executionEPSS 0.1%CVE-2023-33912In Contacts service, there is a possible missing permission check.This could lead to local information disclosure with no additional executiEPSS 0.1%CVE-2023-30926In opm service, there is a missing permission check. This could lead to local information disclosure with no additional execution privilegesEPSS 0.1%CVE-2023-30940In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privEPSS 0.1%CVE-2023-30932In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privEPSS 0.1%CVE-2023-32789In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privEPSS 0.1%CVE-2023-42650In engineermode, there is a possible missing permission check. This could lead to local information disclosure with no additional execution EPSS 0.1%CVE-2023-30935In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privEPSS 0.1%CVE-2023-33906In Contacts Service, there is a possible missing permission check.This could lead to local information disclosure with no additional executiEPSS 0.1%CVE-2022-42767MEDIUMIn wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.EPSS 0.1%CVE-2023-30930In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privEPSS 0.1%CVE-2022-42766MEDIUMIn wlan driver, there is a possible missing permission check, This could lead to local information disclosure.EPSS 0.1%CVE-2023-42638In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional executiEPSS 0.1%CVE-2023-30923In messaging service, there is a missing permission check. This could lead to local information disclosure with no additional execution privEPSS 0.1%CVE-2023-33908In ims service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution pEPSS 0.1%CVE-2023-30941In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privEPSS 0.1%