Severity by source
AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:H
Local IPC abuse from an existing low-privileged process (AV:L/PR:L), low complexity, user interaction needed, crossing into the privileged service (S:C) with high availability impact.
Primary rating from Vendor (OPPO).
CVSS VectorVendor: OPPO
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:H
Lifecycle Timeline
1DescriptionCVE.org
Because O+ Connect's IPC service does not authenticate clients, external applications can escalate privileges and perform sensitive actions through the IPC channel.
AnalysisAI
Local privilege escalation in OPPO's O+ Connect arises because its inter-process communication (IPC) service accepts client connections without authenticating them, letting any external application on the same device invoke privileged operations through the IPC channel. With CVSS 7.3 (scope-changed, high availability impact) and CWE-266 incorrect privilege assignment, a low-privileged local process can perform sensitive actions it should not be authorized for. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires a local foothold: the attacker must already be able to run code on the device as a low-privileged user (PR:L) and the attack involves user interaction (UI:R). … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | Real-world risk is moderate and bounded by the local attack surface. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | A user installs a seemingly benign third-party application; once running with normal user privileges, that application opens a connection to the O+ Connect IPC service, which accepts it without any authentication. Leveraging a user action (UI:R), the malicious process issues privileged IPC requests to perform sensitive actions or escalate privilege. … |
| Remediation | Apply the update referenced in OPPO's security advisory at https://security.oppo.com/en/noticeDetail?notice_only_key=NOTICE-2070415238859333632 - patch available per vendor advisory, though no exact fixed version was provided in the input, so confirm the specific build with OPPO before deploying. … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours: Identify and inventory all OPPO devices running O+ Connect; assess business criticality of the service. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
Same weakness CWE-266 – Incorrect Privilege Assignment
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-40052
GHSA-xf9v-h779-xxhr