Lucene search

[email protected]CVE-2018-14981

HistoryAug 17, 2018 - 8:29 p.m.

CVE-2018-14981

2018-08-1720:29:16

CWE-732

[email protected]

web.nvd.nist.gov

lg devices

android

access control

systemui

security vulnerability

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

47.5%

JSON

Certain LG devices based on Android 6.0 through 8.1 have incorrect access control for SystemUI application intents. The LG ID is LVE-SMP-180005.

Affected configurations

NVD

Node

googleandroidMatch6.0

googleandroidMatch6.0.1

googleandroidMatch7.0

googleandroidMatch7.1

googleandroidMatch7.2

googleandroidMatch8.0

googleandroidMatch8.1

AND

lgg5Match-

lgg6Match-

lgg6\+Match-

lgq6Match-

lgq8Match-

lgv10Match-

lgv20Match-

lgv30Match-

lgv30\+Match-

lgv30s_thinqMatch-

lgx_camMatch-

lgx300Match-

lgx400Match-

lgx500Match-

CPENameOperatorVersion
google:androidgoogle androideq6.0
google:androidgoogle androideq6.0.1
google:androidgoogle androideq7.0
google:androidgoogle androideq7.1
google:androidgoogle androideq7.2
google:androidgoogle androideq8.0
google:androidgoogle androideq8.1

CPE	Name	Operator	Version
google:android	google android	eq	6.0
google:android	google android	eq	6.0.1
google:android	google android	eq	7.0
google:android	google android	eq	7.1
google:android	google android	eq	7.2
google:android	google android	eq	8.0
google:android	google android	eq	8.1

References

lgsecurity.lge.com/security_updates.html

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

47.5%

JSON

Related for CVE-2018-14981

cvelist1 prion1 nvd1