← Retour aux CVEs

CVE-2020-12753

CRITICAL

9.8

Description

An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 software. Arbitrary code execution can occur via the bootloader because of an EL1/EL3 coldboot vulnerability involving raw_resources. The LG ID is LVE-SMP-200006 (May 2020).

Details CVE

Score CVSS v3.19.8

SeveriteCRITICAL

Vecteur CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vecteur d'attaqueNETWORK

ComplexiteLOW

Privileges requisNONE

Interaction utilisateurNONE

Publie5/11/2020

Derniere modification11/21/2024

Sourcenvd

Observations honeypot0

Produits affectes

google:android

Faiblesses (CWE)

CWE-787

References

https://douevenknow.us/post/619763074822520832/an-el1el3-coldboot-vulnerability(cve@mitre.org)

https://lgsecurity.lge.com/(cve@mitre.org)

https://www.zdnet.com/article/new-cold-boot-attack-affects-seven-years-of-lg-android-smartphones/(cve@mitre.org)

https://douevenknow.us/post/619763074822520832/an-el1el3-coldboot-vulnerability(af854a3a-2127-422b-91ae-364da2661108)

https://lgsecurity.lge.com/(af854a3a-2127-422b-91ae-364da2661108)

https://www.zdnet.com/article/new-cold-boot-attack-affects-seven-years-of-lg-android-smartphones/(af854a3a-2127-422b-91ae-364da2661108)

Correlations IOC

Aucune correlation enregistree

This product uses data from the NVD API but is not endorsed or certified by the NVD.