CVE-2023-44121 (GCVE-0-2023-44121)
Vulnerability from cvelistv5
Published
2023-09-27 08:36
Modified
2024-09-23 18:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-926 - Improper Export of Android Application Components
Summary
The vulnerability is an intent redirection in LG ThinQ Service ("com.lge.lms2") in the "com/lge/lms/things/ui/notification/NotificationManager.java" file. This vulnerability could be exploited by a third-party app installed on an LG device by sending a broadcast with the action "com.lge.lms.things.notification.ACTION". Additionally, this vulnerability is very dangerous because LG ThinQ Service is a system app (having android:sharedUserId="android.uid.system" setting). Intent redirection in this app leads to accessing arbitrary not exported activities of absolutely all apps.
References
| ► | URL | Tags | |
|---|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| LG Electronics | LG V60 Thin Q 5G(LMV600VM) |
Version: Android 9 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:59:51.069Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lgsecurity.lge.com/bulletins/mobile#updateDetails"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-44121",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-23T17:32:05.331280Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-23T18:16:52.161Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "LG V60 Thin Q 5G(LMV600VM)",
"vendor": "LG Electronics",
"versions": [
{
"lessThanOrEqual": "13",
"status": "affected",
"version": "Android 9",
"versionType": "Android"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The vulnerability is an intent redirection in LG ThinQ Service (\"com.lge.lms2\") in the \"com/lge/lms/things/ui/notification/NotificationManager.java\" file. This vulnerability could be exploited by a third-party app installed on an LG device by sending a broadcast with the action \"com.lge.lms.things.notification.ACTION\". Additionally, this vulnerability is very dangerous because LG ThinQ Service is a system app (having android:sharedUserId=\"android.uid.system\" setting). Intent redirection in this app leads to accessing arbitrary not exported activities of absolutely all apps."
}
],
"value": "The vulnerability is an intent redirection in LG ThinQ Service (\"com.lge.lms2\") in the \"com/lge/lms/things/ui/notification/NotificationManager.java\" file. This vulnerability could be exploited by a third-party app installed on an LG device by sending a broadcast with the action \"com.lge.lms.things.notification.ACTION\". Additionally, this vulnerability is very dangerous because LG ThinQ Service is a system app (having android:sharedUserId=\"android.uid.system\" setting). Intent redirection in this app leads to accessing arbitrary not exported activities of absolutely all apps."
}
],
"impacts": [
{
"capecId": "CAPEC-122",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-122 Privilege Abuse"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-926",
"description": "CWE-926 Improper Export of Android Application Components",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-27T13:46:15.312Z",
"orgId": "42f21055-226c-4bce-a3c8-ecf55a3551fb",
"shortName": "LGE"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://lgsecurity.lge.com/bulletins/mobile#updateDetails"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "LG ThinQ Service - Intent redirection with system privilege/LaunchAnyWhere",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "42f21055-226c-4bce-a3c8-ecf55a3551fb",
"assignerShortName": "LGE",
"cveId": "CVE-2023-44121",
"datePublished": "2023-09-27T08:36:44.574Z",
"dateReserved": "2023-09-26T05:57:13.268Z",
"dateUpdated": "2024-09-23T18:16:52.161Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2023-44121\",\"sourceIdentifier\":\"product.security@lge.com\",\"published\":\"2023-09-27T15:19:35.680\",\"lastModified\":\"2024-11-21T08:25:17.283\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The vulnerability is an intent redirection in LG ThinQ Service (\\\"com.lge.lms2\\\") in the \\\"com/lge/lms/things/ui/notification/NotificationManager.java\\\" file. This vulnerability could be exploited by a third-party app installed on an LG device by sending a broadcast with the action \\\"com.lge.lms.things.notification.ACTION\\\". Additionally, this vulnerability is very dangerous because LG ThinQ Service is a system app (having android:sharedUserId=\\\"android.uid.system\\\" setting). Intent redirection in this app leads to accessing arbitrary not exported activities of absolutely all apps.\"},{\"lang\":\"es\",\"value\":\"La vulnerabilidad es una redirecci\u00f3n de intenci\u00f3n en LG ThinQ Service (\\\"com.lge.lms2\\\") en el archivo \\\"com/lge/lms/things/ui/notification/NotificationManager.java\\\". Esta vulnerabilidad podr\u00eda ser aprovechada por una aplicaci\u00f3n de terceros instalada en un dispositivo LG enviando una transmisi\u00f3n con la acci\u00f3n \\\"com.lge.lms.things.notification.ACTION\\\". Adem\u00e1s, esta vulnerabilidad es muy peligrosa porque LG ThinQ Service es una aplicaci\u00f3n del sistema (que tiene la configuraci\u00f3n android:sharedUserId=\\\"android.uid.system\\\"). La redirecci\u00f3n de intenciones en esta aplicaci\u00f3n conduce a acceder a actividades arbitrarias no exportadas de absolutamente todas las aplicaciones.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"product.security@lge.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:L\",\"baseScore\":5.0,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":1.8,\"impactScore\":2.7},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H\",\"baseScore\":6.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":4.0}]},\"weaknesses\":[{\"source\":\"product.security@lge.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-926\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9.0\",\"versionEndIncluding\":\"13.0\",\"matchCriteriaId\":\"78DA7F57-664C-4188-BA3C-B262B9865BBB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:lg:v60_thin_q_5g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"85B3B7D2-762E-4DD5-90F9-5246907748C4\"}]}]}],\"references\":[{\"url\":\"https://lgsecurity.lge.com/bulletins/mobile#updateDetails\",\"source\":\"product.security@lge.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://lgsecurity.lge.com/bulletins/mobile#updateDetails\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://lgsecurity.lge.com/bulletins/mobile#updateDetails\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T19:59:51.069Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-44121\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-09-23T17:32:05.331280Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-09-23T18:16:46.657Z\"}}], \"cna\": {\"title\": \"LG ThinQ Service - Intent redirection with system privilege/LaunchAnyWhere\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"impacts\": [{\"capecId\": \"CAPEC-122\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-122 Privilege Abuse\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 5, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:L\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"LG Electronics\", \"product\": \"LG V60 Thin Q 5G(LMV600VM)\", \"versions\": [{\"status\": \"affected\", \"version\": \"Android 9\", \"versionType\": \"Android\", \"lessThanOrEqual\": \"13\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://lgsecurity.lge.com/bulletins/mobile#updateDetails\", \"tags\": [\"vendor-advisory\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"The vulnerability is an intent redirection in LG ThinQ Service (\\\"com.lge.lms2\\\") in the \\\"com/lge/lms/things/ui/notification/NotificationManager.java\\\" file. This vulnerability could be exploited by a third-party app installed on an LG device by sending a broadcast with the action \\\"com.lge.lms.things.notification.ACTION\\\". Additionally, this vulnerability is very dangerous because LG ThinQ Service is a system app (having android:sharedUserId=\\\"android.uid.system\\\" setting). Intent redirection in this app leads to accessing arbitrary not exported activities of absolutely all apps.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"The vulnerability is an intent redirection in LG ThinQ Service (\\\"com.lge.lms2\\\") in the \\\"com/lge/lms/things/ui/notification/NotificationManager.java\\\" file. This vulnerability could be exploited by a third-party app installed on an LG device by sending a broadcast with the action \\\"com.lge.lms.things.notification.ACTION\\\". Additionally, this vulnerability is very dangerous because LG ThinQ Service is a system app (having android:sharedUserId=\\\"android.uid.system\\\" setting). Intent redirection in this app leads to accessing arbitrary not exported activities of absolutely all apps.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-926\", \"description\": \"CWE-926 Improper Export of Android Application Components\"}]}], \"providerMetadata\": {\"orgId\": \"42f21055-226c-4bce-a3c8-ecf55a3551fb\", \"shortName\": \"LGE\", \"dateUpdated\": \"2023-09-27T13:46:15.312Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2023-44121\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-09-23T18:16:52.161Z\", \"dateReserved\": \"2023-09-26T05:57:13.268Z\", \"assignerOrgId\": \"42f21055-226c-4bce-a3c8-ecf55a3551fb\", \"datePublished\": \"2023-09-27T08:36:44.574Z\", \"assignerShortName\": \"LGE\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…