CVE-2022-42759 is a medium-severity vulnerability identified in the WLAN driver of several Unisoc (Shanghai) Technologies Co., Ltd. chipsets, including SC9863A, SC9832E, SC7731E, T310, T606, T610, T612, T616, T618, T760, T770, T820, and S8017. These chipsets are commonly integrated into Android devices running versions 10, 11, and 12. The vulnerability stems from a missing bounds check in the WLAN driver code, which leads to a buffer over-read condition classified under CWE-126. A buffer over-read occurs when a program reads more data than the buffer's allocated size, potentially causing memory corruption or crashes. In this case, the flaw can be exploited locally by an attacker with limited privileges (low privileges required) and does not require user interaction. The primary impact is a denial of service (DoS) condition affecting WLAN services, which could disrupt wireless connectivity on the affected device. The CVSS v3.1 base score is 5.5, reflecting a medium severity level, with attack vector local (AV:L), low attack complexity (AC:L), privileges required low (PR:L), no user interaction (UI:N), unchanged scope (S:U), no impact on confidentiality or integrity (C:N/I:N), and high impact on availability (A:H). There are no known exploits in the wild, and no patches have been explicitly linked in the provided data. The vulnerability was reserved in October 2022 and published in December 2022. Given the affected chipsets are embedded in Android devices, the vulnerability could affect smartphones, tablets, and IoT devices using these Unisoc chipsets, potentially causing WLAN service interruptions due to local exploitation.

For European organizations, the primary impact of CVE-2022-42759 is the potential for local denial of service on devices using affected Unisoc chipsets. This could disrupt wireless network connectivity on mobile devices, impacting business operations reliant on mobile communications, especially in sectors where mobile device availability is critical (e.g., logistics, field services, healthcare). Although the vulnerability does not compromise confidentiality or integrity, the loss of availability can hinder productivity and communication. The local attack vector and requirement for low privileges limit remote exploitation, reducing the risk of widespread network compromise. However, insider threats or malware with local access could trigger the DoS condition. Organizations deploying Android devices with these chipsets should be aware of possible service interruptions and plan accordingly. The absence of known exploits reduces immediate risk, but the vulnerability could be leveraged in targeted attacks or combined with other exploits to increase impact. The vulnerability also affects IoT devices using these chipsets, which may be part of critical infrastructure or industrial control systems, potentially causing operational disruptions if exploited.

1. Device Inventory and Identification: Organizations should identify all devices using Unisoc chipsets listed in the vulnerability, focusing on Android 10, 11, and 12 devices. 2. Firmware and Driver Updates: Although no specific patch links are provided, organizations should monitor Unisoc and device manufacturers for firmware or driver updates addressing this vulnerability and apply them promptly. 3. Restrict Local Access: Since exploitation requires local access with low privileges, enforce strict access controls on devices, including disabling unnecessary local accounts and restricting physical access to devices. 4. Endpoint Protection: Deploy endpoint security solutions capable of detecting anomalous behavior that might indicate attempts to exploit local vulnerabilities. 5. User Awareness: Educate users about the risks of installing untrusted applications or granting unnecessary permissions that could enable local privilege escalation or exploitation. 6. Network Segmentation: Limit the impact of potential device outages by segmenting critical network resources and ensuring redundancy in wireless connectivity options. 7. Monitor for Anomalies: Implement monitoring to detect unusual WLAN service disruptions or device crashes that could indicate exploitation attempts. 8. Vendor Engagement: Engage with device vendors and Unisoc for timely updates and security advisories related to this vulnerability.