CVE-2021-38789

Allwinner R818 SoC Android Q SDK V1.0 is affected by an incorrect access control vulnerability that does not check the caller's permission, in which a third-party app could change system settings.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:allwinnertech:android_q_sdk:1.0:*:*:*:*:*:*:*
cpe:2.3:h:allwinnertech:r818:-:*:*:*:*:*:*:*

History

21 Nov 2024, 06:18

Type Values Removed Values Added
References () https://github.com/pokerfacett/MY_CVE_CREDIT/blob/master/Allwinner%20R818%20SoC%EF%BC%9Aaw_display%20service%20has%20EoP%20Vulnerability.md - Broken Link () https://github.com/pokerfacett/MY_CVE_CREDIT/blob/master/Allwinner%20R818%20SoC%EF%BC%9Aaw_display%20service%20has%20EoP%20Vulnerability.md - Broken Link
References () https://vul.wangan.com/a/CNVD-2021-46927 - Third Party Advisory () https://vul.wangan.com/a/CNVD-2021-46927 - Third Party Advisory
References () https://www.allwinnertech.com/index.php?c=product&a=index&id=92 - Product, Vendor Advisory () https://www.allwinnertech.com/index.php?c=product&a=index&id=92 - Product, Vendor Advisory
References () https://www.cnvd.org.cn/flaw/show/CNVD-2021-46927 - Third Party Advisory () https://www.cnvd.org.cn/flaw/show/CNVD-2021-46927 - Third Party Advisory

12 Jul 2022, 17:42

Type Values Removed Values Added
CWE CWE-863 CWE-862

26 Jan 2022, 17:25

Type Values Removed Values Added
References (MISC) https://github.com/pokerfacett/MY_CVE_CREDIT/blob/master/Allwinner%20R818%20SoC%EF%BC%9Aaw_display%20service%20has%20EoP%20Vulnerability.md - (MISC) https://github.com/pokerfacett/MY_CVE_CREDIT/blob/master/Allwinner%20R818%20SoC%EF%BC%9Aaw_display%20service%20has%20EoP%20Vulnerability.md - Broken Link
References (MISC) https://www.allwinnertech.com/index.php?c=product&a=index&id=92 - (MISC) https://www.allwinnertech.com/index.php?c=product&a=index&id=92 - Product, Vendor Advisory
References (MISC) https://www.cnvd.org.cn/flaw/show/CNVD-2021-46927 - (MISC) https://www.cnvd.org.cn/flaw/show/CNVD-2021-46927 - Third Party Advisory
References (MISC) https://vul.wangan.com/a/CNVD-2021-46927 - (MISC) https://vul.wangan.com/a/CNVD-2021-46927 - Third Party Advisory
CVSS v2 : unknown
v3 : unknown
v2 : 5.0
v3 : 7.5
CWE CWE-863
CPE cpe:2.3:a:allwinnertech:android_q_sdk:1.0:*:*:*:*:*:*:*
cpe:2.3:h:allwinnertech:r818:-:*:*:*:*:*:*:*

19 Jan 2022, 19:15

Type Values Removed Values Added
New CVE

Information

Published : 2022-01-19 19:15

Updated : 2024-11-21 06:18


NVD link : CVE-2021-38789

Mitre link : CVE-2021-38789

CVE.ORG link : CVE-2021-38789


JSON object : View

Products Affected

allwinnertech

  • android_q_sdk
  • r818
CWE
CWE-862

Missing Authorization