Lucene search

LGECVELIST:CVE-2024-1885

HistoryFeb 26, 2024 - 7:39 a.m.

CVE-2024-1885 Remote Code Execution attack on LG Signage

2024-02-2607:39:43

CWE-94

LGE

www.cve.org

cve-2024-1885

remote code execution

lg signage

webos

CVSS3

6.3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

AI Score

7.1

Confidence

High

EPSS

Percentile

9.0%

JSON

This vulnerability allows remote attackers to execute arbitrary code on the affected webOS of LG Signage.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "LG Signage",
    "vendor": "LG Electronics",
    "versions": [
      {
        "status": "affected",
        "version": "6.0.0-56"
      }
    ]
  }
]

References

lgsecurity.lge.com/bulletins/idproducts#updateDetails

CVSS3

6.3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

AI Score

7.1

Confidence

High

EPSS

Percentile

9.0%

JSON

Related for CVELIST:CVE-2024-1885