CVE-2024-39438 MEDIUM

CVE-2024-39438

Vendor Unisoc (Shanghai) Technologies Co., Ltd.
Product SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000
Published October 9, 2024
Last update October 9, 2024

CVSS base score

6.5/10
Attack vector Local
Attack complexity Low
Privileges required High
User interaction Required
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

In linkturbonative service, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed.

Key dates

02Disclosure timeline

October 9, 2024 CVE published
October 9, 2024 Record updated