CVE-2022-42762: cwe-126 Buffer Over-read in Unisoc (Shanghai) Technologies Co., Ltd. SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8004
In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.
AI Analysis
Technical Summary
CVE-2022-42762 is a medium-severity vulnerability identified in the WLAN driver of several Unisoc (Shanghai) Technologies Co., Ltd. chipsets, including SC9863A, SC9832E, SC7731E, T610, T310, T606, T760, T618, T612, T616, T770, T820, and S8004. These chipsets are commonly integrated into Android devices running versions 10, 11, and 12. The vulnerability stems from a missing bounds check in the WLAN driver code, which leads to a buffer over-read condition classified under CWE-126. A buffer over-read occurs when a program reads more data than the buffer's allocated size, potentially causing memory corruption or crashes. In this case, the flaw can be exploited locally by an attacker with low privileges (PR:L) and no user interaction (UI:N) is required. The attack vector is local (AV:L), meaning the attacker must have local access to the device, such as through a malicious app or compromised user environment. The impact is limited to availability (A:H), causing a denial of service (DoS) in WLAN services, potentially disrupting wireless connectivity on affected devices. There is no impact on confidentiality or integrity. The vulnerability does not currently have known exploits in the wild, and no patches have been linked publicly yet. The CVSS v3.1 base score is 5.5, reflecting medium severity due to the ease of exploitation locally and the significant impact on availability but limited scope and no confidentiality or integrity impact. The affected chipsets are widely used in budget and mid-range Android smartphones, especially in markets where Unisoc SoCs are prevalent. The vulnerability could cause WLAN service crashes, leading to loss of wireless connectivity, which can disrupt communications and device usability until a reboot or fix is applied.
Potential Impact
For European organizations, the primary impact of CVE-2022-42762 is the potential disruption of wireless network connectivity on devices using affected Unisoc chipsets. This can affect employee smartphones or IoT devices relying on these chipsets for WLAN connectivity. The denial of service could interrupt critical communications, remote work, or access to corporate resources, especially in environments heavily dependent on mobile connectivity. Although the attack requires local access, compromised devices or malicious insiders could exploit this vulnerability to degrade network availability. The lack of confidentiality or integrity impact reduces the risk of data breaches, but availability disruptions can still affect operational continuity. Organizations with Bring Your Own Device (BYOD) policies or those deploying Unisoc-based devices in their infrastructure should be aware of potential WLAN service interruptions. The absence of known exploits reduces immediate risk, but the vulnerability's presence in widely used Android versions means that attackers could develop exploits in the future. The impact is more pronounced in sectors relying on mobile communications, such as logistics, field services, and remote workforce operations.
Mitigation Recommendations
1. Monitor vendor advisories from Unisoc and device manufacturers for official patches or firmware updates addressing this vulnerability and apply them promptly. 2. Restrict installation of untrusted or unnecessary applications on devices with affected chipsets to reduce the risk of local exploitation. 3. Implement mobile device management (MDM) solutions to enforce security policies, monitor device health, and remotely isolate or remediate affected devices if WLAN disruptions occur. 4. Educate users about the risks of installing apps from unknown sources, as local access is required for exploitation. 5. For critical environments, consider network segmentation or fallback connectivity options (e.g., cellular data) to maintain communications if WLAN services are disrupted. 6. Conduct regular security assessments of mobile devices to detect anomalous behavior that could indicate exploitation attempts. 7. If possible, prioritize procurement of devices using chipsets from vendors with faster patch cycles or less exposure to such vulnerabilities. 8. In the absence of patches, temporarily disable WLAN features or restrict WLAN driver access on devices used in highly sensitive environments to mitigate risk.
Affected Countries
Germany, France, Italy, Spain, Poland, United Kingdom, Netherlands, Belgium, Sweden, Finland
CVE-2022-42762: cwe-126 Buffer Over-read in Unisoc (Shanghai) Technologies Co., Ltd. SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8004
Description
In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.
AI-Powered Analysis
Technical Analysis
CVE-2022-42762 is a medium-severity vulnerability identified in the WLAN driver of several Unisoc (Shanghai) Technologies Co., Ltd. chipsets, including SC9863A, SC9832E, SC7731E, T610, T310, T606, T760, T618, T612, T616, T770, T820, and S8004. These chipsets are commonly integrated into Android devices running versions 10, 11, and 12. The vulnerability stems from a missing bounds check in the WLAN driver code, which leads to a buffer over-read condition classified under CWE-126. A buffer over-read occurs when a program reads more data than the buffer's allocated size, potentially causing memory corruption or crashes. In this case, the flaw can be exploited locally by an attacker with low privileges (PR:L) and no user interaction (UI:N) is required. The attack vector is local (AV:L), meaning the attacker must have local access to the device, such as through a malicious app or compromised user environment. The impact is limited to availability (A:H), causing a denial of service (DoS) in WLAN services, potentially disrupting wireless connectivity on affected devices. There is no impact on confidentiality or integrity. The vulnerability does not currently have known exploits in the wild, and no patches have been linked publicly yet. The CVSS v3.1 base score is 5.5, reflecting medium severity due to the ease of exploitation locally and the significant impact on availability but limited scope and no confidentiality or integrity impact. The affected chipsets are widely used in budget and mid-range Android smartphones, especially in markets where Unisoc SoCs are prevalent. The vulnerability could cause WLAN service crashes, leading to loss of wireless connectivity, which can disrupt communications and device usability until a reboot or fix is applied.
Potential Impact
For European organizations, the primary impact of CVE-2022-42762 is the potential disruption of wireless network connectivity on devices using affected Unisoc chipsets. This can affect employee smartphones or IoT devices relying on these chipsets for WLAN connectivity. The denial of service could interrupt critical communications, remote work, or access to corporate resources, especially in environments heavily dependent on mobile connectivity. Although the attack requires local access, compromised devices or malicious insiders could exploit this vulnerability to degrade network availability. The lack of confidentiality or integrity impact reduces the risk of data breaches, but availability disruptions can still affect operational continuity. Organizations with Bring Your Own Device (BYOD) policies or those deploying Unisoc-based devices in their infrastructure should be aware of potential WLAN service interruptions. The absence of known exploits reduces immediate risk, but the vulnerability's presence in widely used Android versions means that attackers could develop exploits in the future. The impact is more pronounced in sectors relying on mobile communications, such as logistics, field services, and remote workforce operations.
Mitigation Recommendations
1. Monitor vendor advisories from Unisoc and device manufacturers for official patches or firmware updates addressing this vulnerability and apply them promptly. 2. Restrict installation of untrusted or unnecessary applications on devices with affected chipsets to reduce the risk of local exploitation. 3. Implement mobile device management (MDM) solutions to enforce security policies, monitor device health, and remotely isolate or remediate affected devices if WLAN disruptions occur. 4. Educate users about the risks of installing apps from unknown sources, as local access is required for exploitation. 5. For critical environments, consider network segmentation or fallback connectivity options (e.g., cellular data) to maintain communications if WLAN services are disrupted. 6. Conduct regular security assessments of mobile devices to detect anomalous behavior that could indicate exploitation attempts. 7. If possible, prioritize procurement of devices using chipsets from vendors with faster patch cycles or less exposure to such vulnerabilities. 8. In the absence of patches, temporarily disable WLAN features or restrict WLAN driver access on devices used in highly sensitive environments to mitigate risk.
For access to advanced analysis and higher rate limits, contact root@offseq.com
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- Unisoc
- Date Reserved
- 2022-10-11T00:00:00.000Z
- Cisa Enriched
- true
Threat ID: 682d9843c4522896dcbf3147
Added to database: 5/21/2025, 9:09:23 AM
Last enriched: 6/23/2025, 7:21:11 AM
Last updated: 8/11/2025, 10:21:53 AM
Views: 14
Related Threats
CVE-2025-3495: CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in Delta Electronics COMMGR
CriticalCVE-2025-53948: CWE-415 Double Free in Santesoft Sante PACS Server
HighCVE-2025-52584: CWE-122 Heap-based Buffer Overflow in Ashlar-Vellum Cobalt
HighCVE-2025-46269: CWE-122 Heap-based Buffer Overflow in Ashlar-Vellum Cobalt
HighCVE-2025-54862: CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') in Santesoft Sante PACS Server
MediumActions
Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.
External Links
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.