CVE-2022-23727

Name: CVE-2022-23727
Creator: NVD / NIST
Published: 2022-01-28T20:15:12.913+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

HIGHCVSS 7.8/10EPSS 0.24%

Last modified Jun 17, 2026

CVE-2022-23727 is a high-severity vulnerability rated 7.8/10 on the CVSS scale. There is a privilege escalation vulnerability in some webOS TVs. Due to wrong setting environments, local attacker is able to perform specific operation to exploit this vulnerability. EPSS estimates a 0.24% chance of exploitation in the next 30 days.

Description

There is a privilege escalation vulnerability in some webOS TVs. Due to wrong setting environments, local attacker is able to perform specific operation to exploit this vulnerability. Exploitation may cause the attacker to obtain a higher privilege

Metrics

CVSS 3.1

7.8/10

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Probability

0.24%

14.3th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

Vendor	Product	Versions
Lg	Webos	>= 3.0, <= 5.0

References

https://lgsecurity.lge.com/bulletins/tvVendor Advisory
https://lgsecurity.lge.com/bulletins/tvVendor Advisory

Timeline

Published: Jan 28, 2022
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2022-23727?

How severe is CVE-2022-23727?

CVE-2022-23727 has a CVSS score of 7.8/10 (HIGH severity). The EPSS model estimates a 0.24% probability of exploitation in the next 30 days.

How do I fix CVE-2022-23727?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2022-23727?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST