{"api_version":"1","generated_at":"2026-04-23T10:21:26+00:00","cve":"CVE-2022-23727","urls":{"html":"https://cve.report/CVE-2022-23727","api":"https://cve.report/api/cve/CVE-2022-23727.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2022-23727","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2022-23727"},"summary":{"title":"CVE-2022-23727","description":"There is a privilege escalation vulnerability in some webOS TVs. Due to wrong setting environments, local attacker is able to perform specific operation to exploit this vulnerability. Exploitation may cause the attacker to obtain a higher privilege","state":"PUBLIC","assigner":"product.security@lge.com","published_at":"2022-01-28 20:15:00","updated_at":"2023-07-03 20:34:00"},"problem_types":["NVD-CWE-noinfo"],"metrics":[],"references":[{"url":"https://lgsecurity.lge.com/bulletins/tv","name":"https://lgsecurity.lge.com/bulletins/tv","refsource":"MISC","tags":[],"title":"LG Product Security","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2022-23727","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-23727","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2022","cve_id":"23727","vulnerable":"1","versionEndIncluding":"5.0","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"lg","cpe5":"webos","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"data_type":"CVE","data_format":"MITRE","data_version":"4.0","CVE_data_meta":{"ID":"CVE-2022-23727","ASSIGNER":"product.security@lge.com","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"refsource":"MISC","name":"https://lgsecurity.lge.com/bulletins/tv","url":"https://lgsecurity.lge.com/bulletins/tv"}]},"description":{"description_data":[{"lang":"eng","value":"There is a privilege escalation vulnerability in some webOS TVs. Due to wrong setting environments, local attacker is able to perform specific operation to exploit this vulnerability. Exploitation may cause the attacker to obtain a higher privilege"}]}},"nvd":{"publishedDate":"2022-01-28 20:15:00","lastModifiedDate":"2023-07-03 20:34:00","problem_types":["NVD-CWE-noinfo"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.8,"baseSeverity":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:P/A:P","accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL","baseScore":4.6},"severity":"MEDIUM","exploitabilityScore":3.9,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:lg:webos:*:*:*:*:*:*:*:*","versionStartIncluding":"3.0","versionEndIncluding":"5.0","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2022","CveId":"23727","Ordinal":"226589","Title":"CVE-2022-23727","CVE":"CVE-2022-23727","Year":"2022"},"notes":[{"CveYear":"2022","CveId":"23727","Ordinal":"1","NoteData":"There is a privilege escalation vulnerability in some webOS TVs. Due to wrong setting environments, local attacker is able to perform specific operation to exploit this vulnerability. Exploitation may cause the attacker to obtain a higher privilege","Type":"Description","Title":null},{"CveYear":"2022","CveId":"23727","Ordinal":"2","NoteData":"2022-01-28","Type":"Other","Title":"Published"},{"CveYear":"2022","CveId":"23727","Ordinal":"3","NoteData":"2022-01-28","Type":"Other","Title":"Modified"}]}}}