CVE-2020-13839
Severity CVSS v4.0:
Pending analysis
Type:
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Publication date:
05/06/2020
Last modified:
11/06/2020
Description
An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 (MTK chipsets). Code execution can occur via a custom AT command handler buffer overflow. The LG ID is LVE-SMP-200007 (June 2020).
Impact
Base Score 3.x
9.80
Severity 3.x
CRITICAL
Base Score 2.0
10.00
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:google:android:7.2:*:*:*:*:*:*:* | ||
| cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:* | ||
| cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:* | ||
| cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:* | ||
| cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:* | ||
| cpe:2.3:h:lg:cv1:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:lg:cv1s:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:lg:cv3:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:lg:cv5:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:lg:cv7:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:lg:cv7as:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:lg:dh10:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:lg:dh15:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:lg:dh30:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:lg:dh35:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page