Login Sign Up

CVE-2022-27835

7.6 HIGH

📋 TL;DR

This CVE describes an improper boundary check vulnerability in Samsung's UWB (Ultra-Wideband) firmware that allows attackers to write arbitrary memory. It affects Samsung mobile devices with vulnerable UWB firmware versions prior to April 2022 security updates. Successful exploitation could lead to code execution or device compromise.

💻 Affected Systems

Products:
  • Samsung mobile devices with UWB capabilities
Versions: UWB firmware versions prior to SMR Apr-2022 Release 1
Operating Systems: Android with Samsung UWB firmware
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects devices with UWB hardware (typically high-end Samsung smartphones like Galaxy S21+, Note20 Ultra, Fold/Flip series)

📦 What is this software?

Android by Google

View all CVEs affecting Android →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete device compromise including arbitrary code execution, data theft, and persistent backdoor installation

🟠

Likely Case

Local privilege escalation allowing attackers to gain elevated privileges on the device

🟢

If Mitigated

Limited impact due to firmware-level protections and required physical proximity for UWB exploitation

🌐 Internet-Facing: LOW - UWB requires physical proximity (typically <10 meters) and cannot be exploited remotely over the internet
🏢 Internal Only: MEDIUM - Could be exploited by malicious actors with physical access to vulnerable devices in corporate environments

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: HIGH

Exploitation requires physical proximity and specialized UWB hardware/knowledge. No public exploits have been documented.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: SMR Apr-2022 Release 1 or later

Vendor Advisory: https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=4

Restart Required: Yes

Instructions:

1. Check for available system updates in Settings > Software update > Download and install. 2. Install the April 2022 security update or later. 3. Restart device after installation completes.

🔧 Temporary Workarounds

Disable UWB functionality

android

Turn off UWB features to prevent potential exploitation

Settings > Connections > More connection settings > UWB > Toggle off

🧯 If You Can't Patch

  • Disable UWB functionality in device settings
  • Implement physical security controls to prevent unauthorized device access

🔍 How to Verify

Check if Vulnerable:

Check device security patch level in Settings > About phone > Software information > Android security patch level. If before April 2022, device is vulnerable.

Check Version:

Settings > About phone > Software information > Android security patch level

Verify Fix Applied:

Verify Android security patch level shows April 2022 or later in Settings > About phone > Software information

📡 Detection & Monitoring

Log Indicators:

  • Unexpected UWB service crashes
  • Memory access violations in system logs
  • Privilege escalation attempts

Network Indicators:

  • Unusual UWB communication patterns
  • Unexpected proximity-based connections

SIEM Query:

Device logs showing UWB service anomalies OR security patch level before April 2022

📊 Metadata

CVE ID: CVE-2022-27835
CVSS v3 Score: 7.6 (HIGH)
CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:L/I:H/A:H
CWE: CWE-20
Published: April 11, 2022
Last Updated: November 21, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2022-27835, you might also want to check these:

CVE-2022-47190 10.0

CVE-2022-47190 allows remote attackers to upload malicious firmware containing a webshell to Generex...

Same vulnerability type (CWE-20)
CVE-2024-3400 10.0

CVE-2024-3400 is a critical command injection vulnerability in Palo Alto Networks PAN-OS GlobalProte...

Same vulnerability type (CWE-20)
CVE-2023-42802 10.0

This critical vulnerability in GLPI allows attackers to upload malicious PHP files to unauthorized d...

Same vulnerability type (CWE-20)