Vulnerability Details CVE-2020-12753
An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 software. Arbitrary code execution can occur via the bootloader because of an EL1/EL3 coldboot vulnerability involving raw_resources. The LG ID is LVE-SMP-200006 (May 2020).
Exploit prediction scoring system (EPSS) score
EPSS Score 0.039
EPSS Ranking 87.7%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
- https://douevenknow.us/post/619763074822520832/an-el1el3-coldboot-vulnerability
- https://lgsecurity.lge.com/
- https://www.zdnet.com/article/new-cold-boot-attack-affects-seven-years-of-lg-android-smartphones/
- https://douevenknow.us/post/619763074822520832/an-el1el3-coldboot-vulnerability
- https://lgsecurity.lge.com/
- https://www.zdnet.com/article/new-cold-boot-attack-affects-seven-years-of-lg-android-smartphones/
Products affected by CVE-2020-12753
-
cpe:2.3:o:google:android:10.0
-
cpe:2.3:o:google:android:7.2
-
cpe:2.3:o:google:android:8.0
-
cpe:2.3:o:google:android:8.1
-
cpe:2.3:o:google:android:9.0