CVE-2020-12753 Information
Feb 14, 2021
cve
Description
An issue was discovered on LG mobile devices with Android OS 7.2 8.0 8.1 9 and 10 software. Arbitrary code execution can occur via the bootloader because of an EL1/EL3 coldboot vulnerability involving raw_resources. The LG ID is LVE-SMP-200006 (May 2020).
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Reference
https://douevenknow.us/post/619763074822520832/an-el1el3-coldboot-vulnerability https://lgsecurity.lge.com/ https://www.zdnet.com/article/new-cold-boot-attack-affects-seven-years-of-lg-android-smartphones/
Attack Complexity
LOW
Privileges Required
NONE
User Interaction Required
NONE
Scope
NONE
Confidentiality Impact
UNCHANGED
Integrity Impact
HIGH
Availability Impact
HIGH
Base Score
HIGH
Base Severity
9.8
Share on: