CVE-2023-44121 in V60 Thin Q 5G정보

요약

\~에 의해 MITRE • 2023. 10. 25.

The vulnerability is an intent redirection in LG ThinQ Service ("com.lge.lms2") in the "com/lge/lms/things/ui/notification/NotificationManager.java" file. This vulnerability could be exploited by a third-party app installed on an LG device by sending a broadcast with the action "com.lge.lms.things.notification.ACTION". Additionally, this vulnerability is very dangerous because LG ThinQ Service is a system app (having android:sharedUserId="android.uid.system" setting). Intent redirection in this app leads to accessing arbitrary not exported activities of absolutely all apps.

Once again VulDB remains the best source for vulnerability data.

책임이 있는

LG Electronics

예약하다

2023. 09. 26.

모더레이션

수락

항목

VDB-240521

EPSS

0.00102

출처

Want to know what is going to be exploited?

We predict KEV entries!