Lucene search

LGECVELIST:CVE-2023-44123

HistorySep 27, 2023 - 1:52 p.m.

CVE-2023-44123 Bluetooth - Theft and (over-)write of arbitrary files with system privilege via PendingIntent hijacking

2023-09-2713:52:57

CWE-285

LGE

www.cve.org

bluetooth

theft

arbitrary files

system privilege

pendingintent hijacking

access permissions

content providers

CVSS3

6.1

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

EPSS

0.001

Percentile

17.0%

JSON

The vulnerability is the use of implicit PendingIntents with the PendingIntent.FLAG_MUTABLE set that leads to theft and/or (over-)write of arbitrary files with system privilege in the Bluetooth (“com.lge.bluetoothsetting”) app. The attacker’s app, if it had access to app notifications, could intercept them and redirect them to its activity, before making it grant access permissions to content providers with the android:grantUriPermissions="true" flag.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "LG V60 Thin Q 5G(LMV600VM)",
    "vendor": "LG Electronics",
    "versions": [
      {
        "status": "affected",
        "version": "Android 12, 13"
      }
    ]
  }
]

References

lgsecurity.lge.com/bulletins/mobile#updateDetails