CVE-2020-13842

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2020-13842
An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 (MTK chipsets). A dangerous AT command was made available even though it is unused. The LG ID is LVE-SMP-200010 (June 2020).

7.8 /10

CVSS v3.0 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

4.6 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:L/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 3.9 / Impact : 6.4

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
https://lgsecurity.lge.com/ Vendor Advisory
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:google:android:7.2:*:*:*:*:*:*:*
cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*
cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*
OR cpe:2.3:h:lg:cv1:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:cv1s:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:cv3:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:cv5:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:cv7:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:cv7as:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:dh10:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:dh15:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:dh30:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:dh35:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:dh40:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:dh5:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:dh50:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:g6:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:g7:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:g8:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:k20:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:k30:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:k40:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:k50:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:q6:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:q60:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:q70:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:q8:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:v20:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:v30:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:v35:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:v40:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:v50:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:v60:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:x300:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:x400:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:x500:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:x_cam:-:*:*:*:*:*:*:*
Information

Published : 2020-06-05 00:15

Updated : 2020-06-11 18:17

NVD link : CVE-2020-13842

Mitre link : CVE-2020-13842

JSON object : View

Products Affected

lg

  • cv3
  • cv7as
  • dh35
  • q6
  • dh10
  • v20
  • dh5
  • cv1s
  • v40
  • k30
  • k20
  • v60
  • q60
  • cv1
  • dh40
  • v30
  • cv7
  • dh30
  • cv5
  • x400
  • g6
  • x300
  • k50
  • k40
  • dh50
  • v35
  • x500
  • q8
  • g8
  • q70
  • dh15
  • v50
  • g7
  • x_cam

google

  • android
CWE
NVD-CWE-noinfo