PT-2020-16062 · Lg+1 · Lguicc+1

Published

2020-09-11

Updated

2021-07-21

CVE-2020-25282

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions LG mobile devices with Android OS 10 software

Description An issue was discovered that allows attackers to bypass intended access restrictions on property values. This is related to the lguicc software, which is used for the LG Universal Integrated Circuit Card.

Recommendations For LG mobile devices with Android OS 10 software, at the moment, there is no information about a newer version that contains a fix for this issue.

Fix

Missing Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-862

Related Identifiers

CVE-2020-25282

Affected Products

Android Os 10

Lguicc

PT-2020-16062 · Lg+1 · Lguicc+1

CVE-2020-25282

Weakness Enumeration

Related Identifiers

Affected Products

References · 3