CVE-2022-42775 is a medium-severity vulnerability identified in the camera driver of several Unisoc (Shanghai) Technologies Co., Ltd. chipsets, including SC9863A, SC9832E, SC7731E, and multiple T-series models (T310, T606, T610, T612, T616, T618, T760, T770, T820) as well as the S8000. These chipsets are commonly integrated into Android devices running versions 10, 11, and 12. The vulnerability stems from improper locking mechanisms within the camera driver, leading to a memory corruption issue classified under CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer). This flaw can be exploited locally by an attacker with low privileges (PR:L) and does not require user interaction (UI:N). The impact is primarily a denial of service (DoS) condition at the kernel level, potentially causing the device to crash or become unresponsive. The CVSS v3.1 base score is 5.5, reflecting a medium severity with an attack vector limited to local access, low attack complexity, and no confidentiality or integrity impact, but high impact on availability. No known exploits are currently reported in the wild, and no patches have been linked yet. The vulnerability was reserved in October 2022 and publicly disclosed in December 2022. Given the kernel-level nature of the flaw, exploitation could disrupt critical device functions, particularly those relying on camera operations, and may require local access to the device, such as through a malicious app or local user compromise.

For European organizations, the primary impact of CVE-2022-42775 is the potential for local denial of service on devices using affected Unisoc chipsets. This can disrupt business operations relying on mobile devices, especially those using camera functionalities for authentication, remote inspections, or communication. Although the vulnerability does not compromise confidentiality or integrity, the availability impact at the kernel level can cause device crashes or reboots, leading to productivity loss and potential operational downtime. Organizations deploying mobile device management (MDM) solutions or relying on mobile endpoints with these chipsets may face increased support costs and user disruption. The lack of remote exploitability limits the threat to scenarios where an attacker has local access or can trick users into installing malicious applications. However, given the widespread use of Unisoc chipsets in budget and mid-range devices, this vulnerability could affect a significant number of consumer and enterprise devices in Europe, particularly in sectors with high mobile device usage such as retail, logistics, and field services.

Monitor vendor advisories from Unisoc and device manufacturers for official patches or firmware updates addressing this vulnerability and apply them promptly. Implement strict application whitelisting and mobile device management policies to prevent installation of untrusted or malicious applications that could exploit local vulnerabilities. Enforce least privilege principles on mobile devices, restricting local user permissions to reduce the risk of local exploitation. Conduct regular security awareness training for users to avoid installing unverified apps or granting unnecessary permissions that could facilitate local attacks. Where possible, isolate critical mobile devices from untrusted networks and limit physical access to devices to reduce the risk of local exploitation. Use runtime protection tools or endpoint detection and response (EDR) solutions capable of monitoring for anomalous kernel-level activity on mobile devices, if supported. Perform regular device health checks and monitor for unexpected crashes or reboots that may indicate exploitation attempts.