CVE-2022-38691 | THREATINT

Description

In BootROM, there is a possible missing validation for Certificate Type 0. This could lead to local escalation of privilege with no additional execution privileges needed.

PUBLISHED Reserved 2022-08-22 | Published 2025-09-01 | Updated 2025-09-02 | Assigner Unisoc

Product status

Default status

unaffected

affected

References

www.nccgroup.com/...-in-your-soc-unisoc-rom-vulnerabilities/

cve.org (CVE-2022-38691)

nvd.nist.gov (CVE-2022-38691)

Download JSON