CVE-2022-42772 is a medium-severity vulnerability identified in the WLAN driver of several Unisoc (Shanghai) Technologies Co., Ltd. chipsets, including SC9863A, SC9832E, SC7731E, and multiple T-series models (T610, T310, T606, T760, T618, T612, T616, T770, T820, S8021). These chipsets are commonly integrated into Android devices running Android 10, 11, and 12. The vulnerability stems from a missing bounds check in the WLAN driver code, specifically an out-of-bounds write condition categorized under CWE-787. This flaw allows an attacker with local privileges and low complexity to write data beyond the intended buffer boundaries within the WLAN driver. Exploitation does not require user interaction but does require local access and low privileges. The impact is primarily a denial of service (DoS) condition affecting WLAN services, potentially causing the wireless network interface to crash or become unresponsive, leading to loss of network connectivity. The CVSS 3.1 base score is 5.5 (medium severity), with vector AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H, indicating local attack vector, low attack complexity, low privileges required, no user interaction, unchanged scope, no confidentiality or integrity impact, but high availability impact. There are no known exploits in the wild, and no patches have been linked yet. The vulnerability was reserved in October 2022 and published in December 2022. Given the affected chipsets are widely used in budget and mid-range Android smartphones, this vulnerability could affect a significant number of devices, especially in markets where Unisoc chipsets have strong penetration. The lack of confidentiality or integrity impact limits the risk to network availability and user experience rather than data compromise. However, persistent DoS conditions could disrupt critical communications on affected devices.

For European organizations, the primary impact of CVE-2022-42772 is the potential disruption of wireless network connectivity on devices using affected Unisoc chipsets. This could lead to intermittent or prolonged loss of WLAN service on employee smartphones or IoT devices, affecting productivity, communication, and access to corporate resources. Organizations relying on Bring Your Own Device (BYOD) policies or deploying devices with these chipsets in operational environments may experience network instability. While the vulnerability does not allow data theft or privilege escalation, the denial of service could impact critical workflows, especially in sectors dependent on mobile connectivity such as logistics, healthcare, and field services. Additionally, the local attack vector means that an attacker would need physical or local access to the device, limiting remote exploitation risks but increasing concern in shared or public environments. The absence of known exploits reduces immediate threat levels but does not preclude future exploitation. The vulnerability could also affect embedded systems or IoT devices using these chipsets, potentially disrupting industrial or smart city applications within Europe.

1. Monitor vendor advisories from Unisoc and device manufacturers for patches or firmware updates addressing this vulnerability and apply them promptly. 2. Implement strict device usage policies restricting physical access to devices in sensitive environments to reduce risk of local exploitation. 3. Employ mobile device management (MDM) solutions to monitor device health and connectivity status, enabling rapid detection of WLAN service disruptions. 4. For organizations deploying IoT or embedded devices with Unisoc chipsets, conduct thorough inventory and risk assessments to identify affected devices and plan for updates or replacements. 5. Educate users on the importance of device security and physical control to mitigate local attack risks. 6. Where possible, configure network fallback options (e.g., cellular data) to maintain connectivity if WLAN services are disrupted. 7. Use network segmentation to isolate critical systems from devices potentially affected by this vulnerability to limit operational impact. 8. Consider deploying endpoint detection tools capable of identifying anomalous WLAN driver crashes or repeated connectivity failures as indicators of attempted exploitation.