PT-2020-10751 · Google · Android

Published

2020-04-17

Updated

2020-04-22

CVE-2019-20778

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions LG mobile devices with Android OS versions 7.0 through 9.0

Description An issue was discovered where the Backup subsystem does not properly restrict operations or validate their input.

Recommendations For Android OS versions 7.0 through 9.0, consider restricting access to the Backup subsystem until a proper fix is applied. As a temporary workaround, avoid using the Backup subsystem to minimize the risk of exploitation.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2019-20778

Affected Products

Android

PT-2020-10751 · Google · Android

CVE-2019-20778

Weakness Enumeration

Related Identifiers

Affected Products

References · 4