CVE-2022-38691

Summary

In BootROM, there is a possible missing validation for Certificate Type 0. This could lead to local escalation of privilege with no additional execution privileges needed.

Affected Software

VendorProductVersion RangeStatus
Unisoc (Shanghai) Technologies Co., Ltd.SC9863A//T310/T610/T618//affected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References