CVE-2025-31710

MEDIUM

EngineerMode Service - Command Injection

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-31710. PoCs published by Skorpion96.

AI-analyzed exploit summary: This repository contains a working exploit for CVE-2025-31710, targeting Unisoc devices to obtain a root shell via the cmd_skt abstract socket. The exploit leverages the com.sprd.engineermode app and includes scripts for various attack vectors, including reverse shells and post-exploitation techniques.

Description

In engineermode service, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed.

Exploits (1)

nomisec · WORKING POC · 86 stars
by Skorpion96 · poc
https://github.com/Skorpion96/unisoc-su

Classification: Working PoC 95%
Attack Type: LPE
Complexity: Moderate
Reliability: Reliable
Target: Unisoc devices with com.sprd.engineermode app (up to Android 13)
No auth needed
Prerequisites: Unisoc device with vulnerable com.sprd.engineermode app · ADB or Shizuku access · cli-pie binary
devstral-2 · analyzed Feb 16, 2026

Scores

CVSS v3 5.9
EPSS 0.0041
EPSS Percentile 32.3%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE: CWE-77
Status published
Products (3)
google/android 13.0
google/android 14.0
google/android 15.0
Published Jun 03, 2025
Tracked Since Feb 18, 2026