PT-2020-13244 · Google · Android
Max Thomas
·
Published
2020-05-11
·
Updated
2022-04-26
·
CVE-2020-12753
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
LG mobile devices with Android OS versions 7.2, 8.0, 8.1, 9, and 10
Description
An issue was discovered that allows arbitrary code execution via the bootloader due to an EL1/EL3 coldboot vulnerability involving raw resources. This vulnerability can be exploited for attacks, and it has been reported that LG smartphones were vulnerable to such attacks for around 7 years.
Recommendations
For LG mobile devices with Android OS versions 7.2, 8.0, 8.1, 9, and 10, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Memory Corruption
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Android