CVE-2020-13841

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2020-13841
An issue was discovered on LG mobile devices with Android OS 9 and 10 (MTK chipsets). An AT command handler allows attackers to bypass intended access restrictions. The LG ID is LVE-SMP-200009 (June 2020).

9.8 /10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

10.0 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References
Link Resource
https://lgsecurity.lge.com/ Vendor Advisory
https://lgsecurity.lge.com/ Vendor Advisory
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*
OR cpe:2.3:h:lg:cv1:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:cv1s:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:cv3:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:cv5:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:cv7:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:cv7as:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:dh10:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:dh15:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:dh30:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:dh35:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:dh40:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:dh5:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:dh50:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:g6:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:g7:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:g8:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:k20:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:k30:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:k40:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:k50:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:q6:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:q60:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:q70:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:q8:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:v20:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:v30:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:v35:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:v40:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:v50:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:v60:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:x_cam:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:x300:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:x400:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:x500:-:*:*:*:*:*:*:*
History

21 Nov 2024, 05:01

Type Values Removed Values Added
References () https://lgsecurity.lge.com/ - Vendor Advisory () https://lgsecurity.lge.com/ - Vendor Advisory
Information

Published : 2020-06-05 00:15

Updated : 2024-11-21 05:01

NVD link : CVE-2020-13841

Mitre link : CVE-2020-13841

CVE.ORG link : CVE-2020-13841

JSON object : View

Products Affected

lg

  • g8
  • v30
  • dh50
  • x_cam
  • v60
  • dh15
  • cv7as
  • k20
  • g6
  • dh30
  • q70
  • dh10
  • cv7
  • v40
  • v20
  • cv1s
  • x300
  • v50
  • cv3
  • q60
  • q8
  • k40
  • v35
  • k30
  • g7
  • k50
  • dh35
  • x400
  • cv1
  • dh40
  • dh5
  • q6
  • x500
  • cv5

google

  • android
CWE
NVD-CWE-noinfo