Lucene search
K

4 matches found

OSV
OSV
added 2024/04/09 2:15 p.m.3 views

CVE-2023-6317

A prompt bypass exists in the secondscreen.gateway service running on webOS version 4 through 7. An attacker can create a privileged account without asking the user for the security PIN. Full versions and TV models affected: webOS 4.9.7 - 5.30.40 running on LG43UM7000PLA webOS 5.5.0 - 04.50.51...

9.8CVSS5.8AI score0.01078EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2024/04/09 1:41 p.m.9 views

CVE-2023-6317 PIN/prompt bypass on the secondscreen.gateway service allows access to the SSAP API without user interaction

A prompt bypass exists in the secondscreen.gateway service running on webOS version 4 through 7. An attacker can create a privileged account without asking the user for the security PIN. Full versions and TV models affected: webOS 4.9.7 - 5.30.40 running on LG43UM7000PLA webOS 5.5.0 - 04.50.51...

7.2CVSS7.2AI score0.01078EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/04/09 1:41 p.m.19 views

CVE-2023-6317 PIN/prompt bypass on the secondscreen.gateway service allows access to the SSAP API without user interaction

A prompt bypass exists in the secondscreen.gateway service running on webOS version 4 through 7. An attacker can create a privileged account without asking the user for the security PIN. Full versions and TV models affected: webOS 4.9.7 - 5.30.40 running on LG43UM7000PLA webOS 5.5.0 - 04.50.51...

7.2CVSS7.2AI score0.01078EPSS
Exploits1References2
The Hacker News
The Hacker News
added 2024/04/09 1:5 p.m.47 views

Researchers Discover LG Smart TV Vulnerabilities Allowing Root Access

Multiple security vulnerabilities have been disclosed in LG webOS running on its smart televisions that could be exploited to bypass authorization and gain root access on the devices. The findings come from Romanian cybersecurity firm Bitdefender, which discovered and reported the flaws in Novemb...

8.7AI score0.06437EPSS
Exploits5
Rows per page
Query Builder