CVE-2023-30863: 
NixOS vulnerability analysis and mitigation

A vulnerability in the Connectivity Service component was identified as CVE-2023-30863, which involves a missing permission check that could lead to local escalation of privilege. The vulnerability affects various UNISOC hardware platforms and Android 10.0 operating systems (NVD, CVE).

The vulnerability has been assigned a CVSS v3.1 base score of 7.8 (HIGH) with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. The vulnerability is classified under CWE-862 (Missing Authorization). The issue requires local access and low privileges to exploit, but could result in high impacts to confidentiality, integrity, and availability (NVD).

If exploited, this vulnerability could allow a local attacker to escalate privileges without requiring additional execution privileges. The high CVSS score indicates potential severe impacts on system security, including unauthorized access to sensitive data and system resources (NVD).

The vulnerability affects multiple UNISOC hardware platforms including S8000, SC7731E, SC9832E, SC9863A, T310, T606, T610, T612, T616, and Android 10.0 operating systems. Users should apply any security updates provided by UNISOC or device manufacturers (NVD).