CVE-2025-9056

CVE-2025-9056

Vendor Tecno

Product com.transsion.audiosmartconnect

Weakness CWE-863 · Incorrect authorization

Published December 10, 2025

Last update December 10, 2025

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

Unprotected service in the AudioLink component allows a local attacker to overwrite system files via unauthorized service invocation.

Key dates

02Disclosure timeline

December 10, 2025 CVE published

December 10, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2025-9056

Related vulnerabilities

04Related CVE

CVE-2024-43954 WordPress Droip plugin <= 1.1.1 - Subscriber+ Settings Change/Data Exposure Vulnerability CVE-2026-6343 Mattermost Playbooks Plugin fails to enforce view permissions in list endpoints, allowing unauthorized access to public playbooks CVE-2025-1501 Incorrect authorization for traces request/download in CMC before 25.1.0 CVE-2023-2759 TAPHOME Improper Authentication in Core Platform CVE-2026-53738 Copy & Delete Posts through 1.5.4 Privilege Escalation via cdp_action_handling Handler