CVE-2022-42759: cwe-126 Buffer Over-read in Unisoc (Shanghai) Technologies Co., Ltd. SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8017
In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.
AI Analysis
Technical Summary
CVE-2022-42759 is a medium-severity vulnerability identified in the WLAN driver of several Unisoc (Shanghai) Technologies Co., Ltd. chipsets, including SC9863A, SC9832E, SC7731E, T310, T606, T610, T612, T616, T618, T760, T770, T820, and S8017. These chipsets are commonly integrated into Android devices running versions 10, 11, and 12. The vulnerability stems from a missing bounds check in the WLAN driver code, which leads to a buffer over-read condition classified under CWE-126. A buffer over-read occurs when a program reads more data than the buffer's allocated size, potentially causing memory corruption or crashes. In this case, the flaw can be exploited locally by an attacker with limited privileges (low privileges required) and does not require user interaction. The primary impact is a denial of service (DoS) condition affecting WLAN services, which could disrupt wireless connectivity on the affected device. The CVSS v3.1 base score is 5.5, reflecting a medium severity level, with attack vector local (AV:L), low attack complexity (AC:L), privileges required low (PR:L), no user interaction (UI:N), unchanged scope (S:U), no impact on confidentiality or integrity (C:N/I:N), and high impact on availability (A:H). There are no known exploits in the wild, and no patches have been explicitly linked in the provided data. The vulnerability was reserved in October 2022 and published in December 2022. Given the affected chipsets are embedded in Android devices, the vulnerability could affect smartphones, tablets, and IoT devices using these Unisoc chipsets, potentially causing WLAN service interruptions due to local exploitation.
Potential Impact
For European organizations, the primary impact of CVE-2022-42759 is the potential for local denial of service on devices using affected Unisoc chipsets. This could disrupt wireless network connectivity on mobile devices, impacting business operations reliant on mobile communications, especially in sectors where mobile device availability is critical (e.g., logistics, field services, healthcare). Although the vulnerability does not compromise confidentiality or integrity, the loss of availability can hinder productivity and communication. The local attack vector and requirement for low privileges limit remote exploitation, reducing the risk of widespread network compromise. However, insider threats or malware with local access could trigger the DoS condition. Organizations deploying Android devices with these chipsets should be aware of possible service interruptions and plan accordingly. The absence of known exploits reduces immediate risk, but the vulnerability could be leveraged in targeted attacks or combined with other exploits to increase impact. The vulnerability also affects IoT devices using these chipsets, which may be part of critical infrastructure or industrial control systems, potentially causing operational disruptions if exploited.
Mitigation Recommendations
1. Device Inventory and Identification: Organizations should identify all devices using Unisoc chipsets listed in the vulnerability, focusing on Android 10, 11, and 12 devices. 2. Firmware and Driver Updates: Although no specific patch links are provided, organizations should monitor Unisoc and device manufacturers for firmware or driver updates addressing this vulnerability and apply them promptly. 3. Restrict Local Access: Since exploitation requires local access with low privileges, enforce strict access controls on devices, including disabling unnecessary local accounts and restricting physical access to devices. 4. Endpoint Protection: Deploy endpoint security solutions capable of detecting anomalous behavior that might indicate attempts to exploit local vulnerabilities. 5. User Awareness: Educate users about the risks of installing untrusted applications or granting unnecessary permissions that could enable local privilege escalation or exploitation. 6. Network Segmentation: Limit the impact of potential device outages by segmenting critical network resources and ensuring redundancy in wireless connectivity options. 7. Monitor for Anomalies: Implement monitoring to detect unusual WLAN service disruptions or device crashes that could indicate exploitation attempts. 8. Vendor Engagement: Engage with device vendors and Unisoc for timely updates and security advisories related to this vulnerability.
Affected Countries
Germany, France, United Kingdom, Italy, Spain, Netherlands, Poland, Sweden, Belgium, Finland
CVE-2022-42759: cwe-126 Buffer Over-read in Unisoc (Shanghai) Technologies Co., Ltd. SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8017
Description
In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.
AI-Powered Analysis
Technical Analysis
CVE-2022-42759 is a medium-severity vulnerability identified in the WLAN driver of several Unisoc (Shanghai) Technologies Co., Ltd. chipsets, including SC9863A, SC9832E, SC7731E, T310, T606, T610, T612, T616, T618, T760, T770, T820, and S8017. These chipsets are commonly integrated into Android devices running versions 10, 11, and 12. The vulnerability stems from a missing bounds check in the WLAN driver code, which leads to a buffer over-read condition classified under CWE-126. A buffer over-read occurs when a program reads more data than the buffer's allocated size, potentially causing memory corruption or crashes. In this case, the flaw can be exploited locally by an attacker with limited privileges (low privileges required) and does not require user interaction. The primary impact is a denial of service (DoS) condition affecting WLAN services, which could disrupt wireless connectivity on the affected device. The CVSS v3.1 base score is 5.5, reflecting a medium severity level, with attack vector local (AV:L), low attack complexity (AC:L), privileges required low (PR:L), no user interaction (UI:N), unchanged scope (S:U), no impact on confidentiality or integrity (C:N/I:N), and high impact on availability (A:H). There are no known exploits in the wild, and no patches have been explicitly linked in the provided data. The vulnerability was reserved in October 2022 and published in December 2022. Given the affected chipsets are embedded in Android devices, the vulnerability could affect smartphones, tablets, and IoT devices using these Unisoc chipsets, potentially causing WLAN service interruptions due to local exploitation.
Potential Impact
For European organizations, the primary impact of CVE-2022-42759 is the potential for local denial of service on devices using affected Unisoc chipsets. This could disrupt wireless network connectivity on mobile devices, impacting business operations reliant on mobile communications, especially in sectors where mobile device availability is critical (e.g., logistics, field services, healthcare). Although the vulnerability does not compromise confidentiality or integrity, the loss of availability can hinder productivity and communication. The local attack vector and requirement for low privileges limit remote exploitation, reducing the risk of widespread network compromise. However, insider threats or malware with local access could trigger the DoS condition. Organizations deploying Android devices with these chipsets should be aware of possible service interruptions and plan accordingly. The absence of known exploits reduces immediate risk, but the vulnerability could be leveraged in targeted attacks or combined with other exploits to increase impact. The vulnerability also affects IoT devices using these chipsets, which may be part of critical infrastructure or industrial control systems, potentially causing operational disruptions if exploited.
Mitigation Recommendations
1. Device Inventory and Identification: Organizations should identify all devices using Unisoc chipsets listed in the vulnerability, focusing on Android 10, 11, and 12 devices. 2. Firmware and Driver Updates: Although no specific patch links are provided, organizations should monitor Unisoc and device manufacturers for firmware or driver updates addressing this vulnerability and apply them promptly. 3. Restrict Local Access: Since exploitation requires local access with low privileges, enforce strict access controls on devices, including disabling unnecessary local accounts and restricting physical access to devices. 4. Endpoint Protection: Deploy endpoint security solutions capable of detecting anomalous behavior that might indicate attempts to exploit local vulnerabilities. 5. User Awareness: Educate users about the risks of installing untrusted applications or granting unnecessary permissions that could enable local privilege escalation or exploitation. 6. Network Segmentation: Limit the impact of potential device outages by segmenting critical network resources and ensuring redundancy in wireless connectivity options. 7. Monitor for Anomalies: Implement monitoring to detect unusual WLAN service disruptions or device crashes that could indicate exploitation attempts. 8. Vendor Engagement: Engage with device vendors and Unisoc for timely updates and security advisories related to this vulnerability.
For access to advanced analysis and higher rate limits, contact root@offseq.com
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- Unisoc
- Date Reserved
- 2022-10-11T00:00:00.000Z
- Cisa Enriched
- true
Threat ID: 682d9843c4522896dcbf3115
Added to database: 5/21/2025, 9:09:23 AM
Last enriched: 6/23/2025, 7:34:39 AM
Last updated: 7/26/2025, 11:26:17 AM
Views: 10
Related Threats
CVE-2025-55159: CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer in tokio-rs slab
MediumCVE-2025-55161: CWE-918: Server-Side Request Forgery (SSRF) in Stirling-Tools Stirling-PDF
HighCVE-2025-25235: CWE-918 Server-Side Request Forgery (SSRF) in Omnissa Secure Email Gateway
HighCVE-2025-55151: CWE-918: Server-Side Request Forgery (SSRF) in Stirling-Tools Stirling-PDF
HighCVE-2025-55150: CWE-918: Server-Side Request Forgery (SSRF) in Stirling-Tools Stirling-PDF
HighActions
Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.
External Links
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.