Main Vulnerability Database Exploits ID:11786 - Exploit for Command injection in UNISOC products - CVE-2025-31710

ID:11786 - Exploit for Command injection in UNISOC products - CVE-2025-31710

Published: July 18, 2025

Vulnerability identifier: #VU112347

Vulnerability risk: Low

CVE-ID: CVE-2025-31710

CWE-ID: CWE-77

Exploitation vector: Local access

Vulnerable software:
SC9863A
T606
T612
T616
T750
T765
T760
T770
T820
S8000
T8300
T9300

Link to public exploit:

https://github.com/Skorpion96/unisoc-su

Vulnerability description

The vulnerability allows a local application to read and manipulate data.

The vulnerability exists due to a possible command injection due to improper input validation within the engineermode service in Android. A local application can read and manipulate data.

Remediation

Install security update from vendor's website.

ID:11786 - Exploit for Command injection in UNISOC products - CVE-2025-31710

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human