Lucene search

LGECVE-2022-23728

HistoryJan 21, 2022 - 7:15 p.m.

CVE-2022-23728

2022-01-2119:15:10

CWE-684

LGE

web.nvd.nist.gov

cve-2022-23728

device reset

at command

reboot

lg id

lve-smp-210011

nvd

CVSS2

6.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:C/A:C

CVSS3

6.1

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

AI Score

6.3

Confidence

High

EPSS

0.001

Percentile

17.1%

JSON

Attacker can reset the device with AT Command in the process of rebooting the device. The LG ID is LVE-SMP-210011.

Affected configurations

Nvd

Node

googleandroidRange<11.0

VendorProductVersionCPE
googleandroid*cpe:2.3:o:google:android:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
google	android	*	cpe:2.3:o:google:android::::::::

CNA Affected

[
  {
    "product": "LG mobile devices",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Prior device to Android OS version 11"
      }
    ]
  }
]

References

lgsecurity.lge.com/bulletins/mobile

Social References

CVSS2

6.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:C/A:C

CVSS3

6.1

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

AI Score

6.3

Confidence

High

EPSS

0.001

Percentile

17.1%

JSON

Related for CVE-2022-23728