CVE-2025-9056

Name of the Vulnerable Software and Affected Versions TECNO AudioLink versions prior to 1.3.0.87

Description A lack of authorization in the AudioLink service allows a local attacker to overwrite system files through unauthorized service invocation. This could lead to full device compromise. The issue grants SYSTEM privileges, enabling trivial file overwrite attacks.

Recommendations Restrict access to the AudioLink service. Monitor devices for unauthorized activity. At the moment, there is no information about a newer version that contains a fix for this vulnerability.