CVE-2022-48383 – CVE-2022-48383 is a missing permission check vu... (How to Fix)

Q: What is the severity of CVE-2022-48383?

CVE-2022-48383 has a CVSS score of 7.8 (HIGH). CVE-2022-48383 is a missing permission check vulnerability in the srtd service that allows local attackers to escalate privileges without requiring additional execution privileges. This affects systems running vulnerable versions of the srtd service, typically on Unisoc platforms. Attackers can gain elevated privileges from a standard user context.

📋 TL;DR

CVE-2022-48383 is a missing permission check vulnerability in the srtd service that allows local attackers to escalate privileges without requiring additional execution privileges. This affects systems running vulnerable versions of the srtd service, typically on Unisoc platforms. Attackers can gain elevated privileges from a standard user context.

💻 Affected Systems

Products:

Unisoc srtd service

Versions: Specific versions not detailed in references, but likely affects multiple versions prior to patch

Operating Systems: Android-based systems with Unisoc chipsets

Default Config Vulnerable: ⚠️ Yes

Notes: Affects devices using Unisoc chipsets with the vulnerable srtd service component. Exact device models not specified in provided references.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system compromise where an attacker gains root/administrator access, installs persistent malware, accesses sensitive data, and pivots to other systems.

🟠

Likely Case

Local privilege escalation allowing attackers to bypass security controls, install unauthorized software, modify system configurations, and access restricted resources.

🟢

If Mitigated

Limited impact with proper access controls, minimal user privileges, and network segmentation preventing lateral movement.

🌐 Internet-Facing: LOW - This is a local privilege escalation vulnerability requiring local access to the system.

🏢 Internal Only: HIGH - Internal users or compromised accounts can exploit this to gain elevated privileges and potentially compromise the entire system.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: LOW

Requires local access to the system. The missing permission check suggests straightforward exploitation once local access is obtained.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Not specified in provided references

Vendor Advisory: https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761

Restart Required: Yes

Instructions:

1. Contact device manufacturer for security updates. 2. Apply available firmware/OS updates. 3. Verify srtd service is updated. 4. Reboot device after update.

🔧 Temporary Workarounds

Disable srtd service if not needed

android

Stop and disable the vulnerable srtd service to prevent exploitation

adb shell pm disable com.unisoc.srtd
adb shell stop srtd

Restrict service permissions

linux

Modify service permissions to limit access if service must remain running

chmod 750 /system/bin/srtd
chown root:system /system/bin/srtd

🧯 If You Can't Patch

Implement strict access controls and limit local user privileges
Monitor for unusual privilege escalation attempts and srtd service activity

🔍 How to Verify

Check if Vulnerable:

Check srtd service version and permissions: adb shell dumpsys package com.unisoc.srtd | grep version

Check Version:

adb shell getprop ro.build.version.security_patch

Verify Fix Applied:

Verify updated srtd service version and check for security patches in system updates

📡 Detection & Monitoring

Log Indicators:

Unusual srtd service activity
Privilege escalation attempts
Unexpected process execution with elevated privileges

Network Indicators:

Not applicable - local vulnerability

SIEM Query:

process_name:srtd AND (event_type:privilege_escalation OR user_privilege_change)

📊 Metadata

CVE ID: CVE-2022-48383

CVSS v3 Score: 7.8 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-862

Published: May 9, 2023

Last Updated: January 28, 2025

🔗 References

https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761 Vendor Advisory
https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761 Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2022-48383, you might also want to check these:

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Android by Google

Android by Google

Android by Google

Android by Google

⚠️ Risk & Real-World Impact

Worst Case

Likely Case

If Mitigated

🎯 Exploit Status

🛠️ Fix & Mitigation

✅ Official Fix

Instructions:

🔧 Temporary Workarounds

Disable srtd service if not needed

Restrict service permissions

🧯 If You Can't Patch

🔍 How to Verify

Check if Vulnerable:

Check Version:

Verify Fix Applied:

📡 Detection & Monitoring

Log Indicators:

Network Indicators:

SIEM Query:

📊 Metadata

🔗 References

📤 Share & Export

🔗 Related Vulnerabilities