Allwinner R818 SoC Android Q SDK V1.0 is affected by an incorrect access control vulnerability that does not check the caller's permission, in which a third-party app could change system settings.