CVE-2022-27250 Information

Description

The UNISOC chipset through 2022-03-15 allows attackers to obtain remote control of a mobile phone e.g. to obtain sensitive information from text messages or the device’s screen record video of the device’s physical environment or modify data.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Reference

https://www.kryptowire.com/news/kryptowire-identifies-vulnerability-in-unisoc-chipset/

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

HIGH

Base Severity

9.8