CVE-2022-38691

High CVSS: 7.8

In BootROM, there is a possible missing validation for Certificate Type 0. This could lead to local escalation of privilege with no additional execution privileges needed.

Vendor

Product

CWE

CWE-250

Yayın Tarihi

2025-09-01 08:15:31

Güncelleme

2025-09-02 15:55:25

Source Identifier

security@unisoc.com

KEV Date Added

Kategoriler

CWE-250 HIGH 2025

Referanslar

https://www.nccgroup.com/research-blog/there-s-another-hole-in-your-soc-unisoc-rom-vulnerabilities/