ASB-A-163358811

In onTargetSelected of ResolverActivity.java, there is a possible settings bypass allowing an app to become the default handler for arbitrary domains. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation...

CVE-2021-3022

An issue was discovered on LG mobile devices with Android OS 10 software. There was no write protection for the MTK protect2 partition. The LG ID is LVE-SMP-200028 January 2021...

Code injection

An issue was discovered on LG mobile devices with Android OS 10 software. There was no write protection for the MTK protect2 partition. The LG ID is LVE-SMP-200028 January 2021...

CVE-2021-3022

CVE-2021-3022 describes a lack of write protection for the MTK protect2 partition on LG mobile devices running Android 10 (LG ID LVE-SMP-200028). The issue is that protect2 could be written without protection, but exploitation details, affected models/versions beyond Android 10, and concrete reme...

CVE-2021-3022

An issue was discovered on LG mobile devices with Android OS 10 software. There was no write protection for the MTK protect2 partition. The LG ID is LVE-SMP-200028 January 2021...

CVE-2020-35555

An issue was discovered on LG mobile devices with Android OS 10 software. When a dual-screen configuration is supported, the device does not lock upon disconnection of a call with the cover closed. The LG ID is LVE-SMP-200027 December 2020...

Design/Logic Flaw

An issue was discovered on LG mobile devices with Android OS 10 software. When a dual-screen configuration is supported, the device does not lock upon disconnection of a call with the cover closed. The LG ID is LVE-SMP-200027 December 2020...

CVE-2020-35554

CVE-2020-35554 affects LG mobile devices running Android 8.x–10 with a WebView SSL error-handler vulnerability. The issue is described as an SSL handling weakness in WebView, linked to LG’s internal identifier LVE-SMP-200026 (December 2020). Connected sources corroborate the vulnerability across ...

CVE-2020-35554

An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, 9.0, and 10 software. There is a WebView SSL error-handler vulnerability. The LG ID is LVE-SMP-200026 December 2020...

CVE-2020-35555

An issue was discovered on LG mobile devices with Android OS 10 software. When a dual-screen configuration is supported, the device does not lock upon disconnection of a call with the cover closed. The LG ID is LVE-SMP-200027 December 2020...

CVE-2020-35555

The CVE-2020-35555 entry concerns LG mobile devices running Android 10 with dual-screen support. The issue is that, when a call is disconnected while the cover is closed, the device does not lock as expected, potentially leaving the device accessible without authentication. The details specify th...

CVE-2020-28344

An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, 9.0, and 10 software. System services may crash because of the lack of a NULL parameter check. The LG ID is LVE-SMP-200024 November 2020...

CVE-2020-28345

An issue was discovered on LG mobile devices with Android OS 10 software. The Wi-Fi subsystem may crash because of the lack of a NULL parameter check. The LG ID is LVE-SMP-200025 November 2020...

Null pointer dereference

An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, 9.0, and 10 software. System services may crash because of the lack of a NULL parameter check. The LG ID is LVE-SMP-200024 November 2020...

Null pointer dereference

An issue was discovered on LG mobile devices with Android OS 10 software. The Wi-Fi subsystem may crash because of the lack of a NULL parameter check. The LG ID is LVE-SMP-200025 November 2020...

CVE-2020-28344

An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, 9.0, and 10 software. System services may crash because of the lack of a NULL parameter check. The LG ID is LVE-SMP-200024 November 2020...

CVE-2020-28344

CVE-2020-28344 affects LG mobile devices running Android 8.0–10. The root cause is a missing NULL parameter check leading to a NULL pointer dereference, which may cause system services to crash. The available documents (NVD, Red Hat, CVE listing) reiterate this description; no specific CVE patch ...

CVE-2020-28345

CVE-2020-28345 affects LG mobile devices running Android 10. The issue is in the Wi‑Fi subsystem, where a missing NULL parameter check can cause a crash. This is described in multiple sources (e.g., NVD/Red Hat entries) with no public details on a fix in the provided documents. Impact is indicate...

CVE-2020-28345

An issue was discovered on LG mobile devices with Android OS 10 software. The Wi-Fi subsystem may crash because of the lack of a NULL parameter check. The LG ID is LVE-SMP-200025 November 2020...

Code injection

An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, and 9.0 software. The Network Management component could allow an unauthorized actor to kill a TCP connection. The LG ID is LVE-SMP-200023 October 2020...