Search criteria
16 vulnerabilities found for WebOS by LG
CVE-2023-6320 (GCVE-0-2023-6320)
Vulnerability from nvd – Published: 2024-04-09 13:43 – Updated: 2024-08-02 08:28
VLAI?
Title
Command injection in the com.webos.service.connectionmanager/tv/setVlanStaticAddress endpoint
Summary
A command injection vulnerability exists in the com.webos.service.connectionmanager/tv/setVlanStaticAddress endpoint on webOS versions 5 and 6. A series of specially crafted requests can lead to command execution as the dbus user. An attacker can make authenticated requests to trigger this vulnerability.
Full versions and TV models affected:
* webOS 5.5.0 - 04.50.51 running on OLED55CXPUA
* webOS 6.3.3-442 (kisscurl-kinglake) - 03.36.50 running on OLED48C1PUB
Severity ?
9.1 (Critical)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
| URL | Tags | |
|---|---|---|
Credits
Alexandru Lazăr of Bitdefender Labs
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:lg:webos:5.5.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "webos",
"vendor": "lg",
"versions": [
{
"status": "affected",
"version": "5.5.0"
}
]
},
{
"cpes": [
"cpe:2.3:a:lg:webos:6.3.3-442:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "webos",
"vendor": "lg",
"versions": [
{
"status": "affected",
"version": "6.3.3-442"
}
]
},
{
"cpes": [
"cpe:2.3:a:lg:webos:7.3.1-43:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "webos",
"vendor": "lg",
"versions": [
{
"status": "affected",
"version": "7.3.1-43"
}
]
},
{
"cpes": [
"cpe:2.3:a:lg:webos:4.9.7:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "webos",
"vendor": "lg",
"versions": [
{
"status": "affected",
"version": "4.9.7"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-6320",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-10T17:10:05.186742Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T15:40:09.500Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:28:21.166Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bitdefender.com/blog/labs/vulnerabilities-identified-in-lg-webos/"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lgsecurity.lge.com/bulletins/tv#updateDetails"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "webOS",
"vendor": "LG",
"versions": [
{
"status": "affected",
"version": "5.5.0"
},
{
"status": "affected",
"version": "6.3.3-442"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Alexandru Laz\u0103r of Bitdefender Labs"
}
],
"datePublic": "2024-04-09T11:32:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA command injection vulnerability exists in the \u003cb\u003ecom.webos.service.connectionmanager/tv/setVlanStaticAddress \u003c/b\u003eendpoint on webOS versions 5 and 6. A series of specially crafted requests can lead to command execution as the \u003ci\u003edbus \u003c/i\u003euser. An attacker can make authenticated requests to trigger this vulnerability.\u003c/p\u003eFull versions and TV models affected:\u003cbr\u003e\u003cul\u003e\u003cli\u003ewebOS 5.5.0 - 04.50.51 running on OLED55CXPUA\u0026nbsp;\u003cbr\u003e\u003c/li\u003e\u003cli\u003ewebOS 6.3.3-442 (kisscurl-kinglake) - 03.36.50 running on OLED48C1PUB\u003cbr\u003e\u003c/li\u003e\u003c/ul\u003e"
}
],
"value": "A command injection vulnerability exists in the com.webos.service.connectionmanager/tv/setVlanStaticAddress endpoint on webOS versions 5 and 6. A series of specially crafted requests can lead to command execution as the dbus user. An attacker can make authenticated requests to trigger this vulnerability.\n\nFull versions and TV models affected:\n * webOS 5.5.0 - 04.50.51 running on OLED55CXPUA\u00a0\n\n * webOS 6.3.3-442 (kisscurl-kinglake) - 03.36.50 running on OLED48C1PUB\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88 OS Command Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-18T07:35:31.817Z",
"orgId": "b3d5ebe7-963e-41fb-98e1-2edaeabb8f82",
"shortName": "Bitdefender"
},
"references": [
{
"url": "https://bitdefender.com/blog/labs/vulnerabilities-identified-in-lg-webos/"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://lgsecurity.lge.com/bulletins/tv#updateDetails"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Command injection in the com.webos.service.connectionmanager/tv/setVlanStaticAddress endpoint",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "b3d5ebe7-963e-41fb-98e1-2edaeabb8f82",
"assignerShortName": "Bitdefender",
"cveId": "CVE-2023-6320",
"datePublished": "2024-04-09T13:43:35.166Z",
"dateReserved": "2023-11-27T14:22:32.470Z",
"dateUpdated": "2024-08-02T08:28:21.166Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-6319 (GCVE-0-2023-6319)
Vulnerability from nvd – Published: 2024-04-09 13:42 – Updated: 2024-08-02 08:28
VLAI?
Title
Command injection in the getAudioMetadata method from the com.webos.service.attachedstoragemanager service
Summary
A command injection vulnerability exists in the getAudioMetadata method from the com.webos.service.attachedstoragemanager service on webOS version 4 through 7. A series of specially crafted requests can lead to command execution as the root user. An attacker can make authenticated requests to trigger this vulnerability.
* webOS 4.9.7 - 5.30.40 running on LG43UM7000PLA
* webOS 5.5.0 - 04.50.51 running on OLED55CXPUA
* webOS 6.3.3-442 (kisscurl-kinglake) - 03.36.50 running on OLED48C1PUB
* webOS 7.3.1-43 (mullet-mebin) - 03.33.85 running on OLED55A23LA
Severity ?
9.1 (Critical)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
Credits
Alexandru Lazăr of Bitdefender Labs
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:lg:webos:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "webos",
"vendor": "lg",
"versions": [
{
"status": "affected",
"version": "4.9.7"
},
{
"status": "affected",
"version": "5.5.0"
},
{
"status": "affected",
"version": "6.3.3"
},
{
"status": "affected",
"version": "7.3.1"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-6319",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-11T17:22:04.377668Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-12T15:20:35.161Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:28:21.212Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bitdefender.com/blog/labs/vulnerabilities-identified-in-lg-webos/"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lgsecurity.lge.com/bulletins/tv#updateDetails"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "webOS",
"vendor": "LG",
"versions": [
{
"status": "affected",
"version": "4.9.7"
},
{
"status": "affected",
"version": "5.5.0"
},
{
"status": "affected",
"version": "6.3.3"
},
{
"status": "affected",
"version": "7.3.1"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Alexandru Laz\u0103r of Bitdefender Labs"
}
],
"datePublic": "2024-04-09T11:27:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA command injection vulnerability exists in the \u003cb\u003egetAudioMetadata\u003c/b\u003e\u0026nbsp;method from the \u003cb\u003ecom.webos.service.attachedstoragemanager \u003c/b\u003eservice on webOS version 4 through 7. A series of specially crafted requests can lead to command execution as the root user. An attacker can make authenticated requests to trigger this vulnerability.\u003c/p\u003e\u003cul\u003e\u003cli\u003ewebOS 4.9.7 - 5.30.40 running on LG43UM7000PLA\u0026nbsp;\u003cbr\u003e\u003c/li\u003e\u003cli\u003ewebOS 5.5.0 - 04.50.51 running on OLED55CXPUA\u0026nbsp;\u003cbr\u003e\u003c/li\u003e\u003cli\u003ewebOS 6.3.3-442 (kisscurl-kinglake) - 03.36.50 running on OLED48C1PUB\u0026nbsp;\u003cbr\u003e\u003c/li\u003e\u003cli\u003ewebOS 7.3.1-43 (mullet-mebin) - 03.33.85 running on OLED55A23LA\u003cbr\u003e\u003c/li\u003e\u003c/ul\u003e"
}
],
"value": "A command injection vulnerability exists in the getAudioMetadata\u00a0method from the com.webos.service.attachedstoragemanager service on webOS version 4 through 7. A series of specially crafted requests can lead to command execution as the root user. An attacker can make authenticated requests to trigger this vulnerability.\n\n * webOS 4.9.7 - 5.30.40 running on LG43UM7000PLA\u00a0\n\n * webOS 5.5.0 - 04.50.51 running on OLED55CXPUA\u00a0\n\n * webOS 6.3.3-442 (kisscurl-kinglake) - 03.36.50 running on OLED48C1PUB\u00a0\n\n * webOS 7.3.1-43 (mullet-mebin) - 03.33.85 running on OLED55A23LA\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88 OS Command Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-18T07:35:16.311Z",
"orgId": "b3d5ebe7-963e-41fb-98e1-2edaeabb8f82",
"shortName": "Bitdefender"
},
"references": [
{
"url": "https://bitdefender.com/blog/labs/vulnerabilities-identified-in-lg-webos/"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://lgsecurity.lge.com/bulletins/tv#updateDetails"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An update to a newer firmware version fixes the issue.\u003cbr\u003e"
}
],
"value": "An update to a newer firmware version fixes the issue.\n"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Command injection in the getAudioMetadata method from the com.webos.service.attachedstoragemanager service",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "b3d5ebe7-963e-41fb-98e1-2edaeabb8f82",
"assignerShortName": "Bitdefender",
"cveId": "CVE-2023-6319",
"datePublished": "2024-04-09T13:42:06.203Z",
"dateReserved": "2023-11-27T14:21:55.241Z",
"dateUpdated": "2024-08-02T08:28:21.212Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-6318 (GCVE-0-2023-6318)
Vulnerability from nvd – Published: 2024-04-09 13:41 – Updated: 2024-08-02 08:28
VLAI?
Title
Command injection in the processAnalyticsReport method from the com.webos.service.cloudupload service
Summary
A command injection vulnerability exists in the processAnalyticsReport method from the com.webos.service.cloudupload service on webOS version 5 through 7. A series of specially crafted requests can lead to command execution as the root user. An attacker can make authenticated requests to trigger this vulnerability.
Full versions and TV models affected:
* webOS 5.5.0 - 04.50.51 running on OLED55CXPUA
* webOS 6.3.3-442 (kisscurl-kinglake) - 03.36.50 running on OLED48C1PUB
* webOS 7.3.1-43 (mullet-mebin) - 03.33.85 running on OLED55A23LA
Severity ?
9.1 (Critical)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
Credits
Alexandru Lazăr of Bitdefender Labs
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:lg:webos:5.5.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "webos",
"vendor": "lg",
"versions": [
{
"status": "affected",
"version": "5.5.0"
}
]
},
{
"cpes": [
"cpe:2.3:a:lg:webos:6.3.3-442:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "webos",
"vendor": "lg",
"versions": [
{
"status": "affected",
"version": "6.3.3-442"
}
]
},
{
"cpes": [
"cpe:2.3:a:lg:webos:7.3.1-43:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "webos",
"vendor": "lg",
"versions": [
{
"status": "affected",
"version": "7.3.1-43"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-6318",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-15T17:25:01.159765Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T17:29:37.216Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:28:21.366Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bitdefender.com/blog/labs/vulnerabilities-identified-in-lg-webos/"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lgsecurity.lge.com/bulletins/tv#updateDetails"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "webOS",
"vendor": "LG",
"versions": [
{
"status": "affected",
"version": "5.5.0"
},
{
"status": "affected",
"version": "6.3.3-442"
},
{
"status": "affected",
"version": "7.3.1-43 "
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Alexandru Laz\u0103r of Bitdefender Labs"
}
],
"datePublic": "2024-04-04T11:43:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA command injection vulnerability exists in the \u003cb\u003eprocessAnalyticsReport\u003c/b\u003e\u0026nbsp;method from the \u003cb\u003ecom.webos.service.cloudupload\u003c/b\u003e\u0026nbsp;service on webOS version 5 through 7. A series of specially crafted requests can lead to command execution as the root user. An attacker can make authenticated requests to trigger this vulnerability.\u003c/p\u003eFull versions and TV models affected:\u003cbr\u003e\u003cbr\u003e\u003cul\u003e\u003cli\u003ewebOS 5.5.0 - 04.50.51 running on OLED55CXPUA\u0026nbsp;\u003cbr\u003e\u003c/li\u003e\u003cli\u003ewebOS 6.3.3-442 (kisscurl-kinglake) - 03.36.50 running on OLED48C1PUB\u0026nbsp;\u003cbr\u003e\u003c/li\u003e\u003cli\u003ewebOS 7.3.1-43 (mullet-mebin) - 03.33.85 running on OLED55A23LA\u003cbr\u003e\u003c/li\u003e\u003c/ul\u003e"
}
],
"value": "A command injection vulnerability exists in the processAnalyticsReport\u00a0method from the com.webos.service.cloudupload\u00a0service on webOS version 5 through 7. A series of specially crafted requests can lead to command execution as the root user. An attacker can make authenticated requests to trigger this vulnerability.\n\nFull versions and TV models affected:\n\n * webOS 5.5.0 - 04.50.51 running on OLED55CXPUA\u00a0\n\n * webOS 6.3.3-442 (kisscurl-kinglake) - 03.36.50 running on OLED48C1PUB\u00a0\n\n * webOS 7.3.1-43 (mullet-mebin) - 03.33.85 running on OLED55A23LA\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88 OS Command Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-18T07:34:59.024Z",
"orgId": "b3d5ebe7-963e-41fb-98e1-2edaeabb8f82",
"shortName": "Bitdefender"
},
"references": [
{
"url": "https://bitdefender.com/blog/labs/vulnerabilities-identified-in-lg-webos/"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://lgsecurity.lge.com/bulletins/tv#updateDetails"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An update to a newer firmware version fixes the issue.\u003cbr\u003e"
}
],
"value": "An update to a newer firmware version fixes the issue.\n"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Command injection in the processAnalyticsReport method from the com.webos.service.cloudupload service",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "b3d5ebe7-963e-41fb-98e1-2edaeabb8f82",
"assignerShortName": "Bitdefender",
"cveId": "CVE-2023-6318",
"datePublished": "2024-04-09T13:41:47.666Z",
"dateReserved": "2023-11-27T14:21:54.210Z",
"dateUpdated": "2024-08-02T08:28:21.366Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-6317 (GCVE-0-2023-6317)
Vulnerability from nvd – Published: 2024-04-09 13:41 – Updated: 2024-08-02 08:28
VLAI?
Title
PIN/prompt bypass on the secondscreen.gateway service allows access to the SSAP API without user interaction
Summary
A prompt bypass exists in the secondscreen.gateway service running on webOS version 4 through 7. An attacker can create a privileged account without asking the user for the security PIN.
Full versions and TV models affected:
webOS 4.9.7 - 5.30.40 running on LG43UM7000PLA
webOS 5.5.0 - 04.50.51 running on OLED55CXPUA
webOS 6.3.3-442 (kisscurl-kinglake) - 03.36.50 running on OLED48C1PUB
webOS 7.3.1-43 (mullet-mebin) - 03.33.85 running on OLED55A23LA
Severity ?
7.2 (High)
CWE
- CWE-639 - Authorization Bypass Through User-Controlled Key
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
Credits
Alexandru Lazăr of Bitdefender Labs
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-6317",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-09T15:53:04.847156Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-05T17:22:37.217Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:28:21.578Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bitdefender.com/blog/labs/vulnerabilities-identified-in-lg-webos/"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lgsecurity.lge.com/bulletins/tv#updateDetails"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WebOS",
"vendor": "LG",
"versions": [
{
"status": "affected",
"version": " 4.9.7"
},
{
"status": "affected",
"version": "5.5.0"
},
{
"status": "affected",
"version": "6.3.3-442"
},
{
"status": "affected",
"version": "7.3.1-43"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Alexandru Laz\u0103r of Bitdefender Labs"
}
],
"datePublic": "2024-04-09T13:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A prompt bypass exists in the secondscreen.gateway service running on webOS version 4 through 7. An attacker can create a privileged account without asking the user for the security PIN.\u0026nbsp;\u003cbr\u003e\u003cbr\u003eFull versions and TV models affected:\u003cbr\u003e\u003cbr\u003ewebOS 4.9.7 - 5.30.40 running on LG43UM7000PLA \u003cbr\u003ewebOS 5.5.0 - 04.50.51 running on OLED55CXPUA \u003cbr\u003ewebOS 6.3.3-442 (kisscurl-kinglake) - 03.36.50 running on OLED48C1PUB \u0026nbsp;\u003cbr\u003ewebOS 7.3.1-43 (mullet-mebin) - 03.33.85 running on OLED55A23LA \u003cbr\u003e"
}
],
"value": "A prompt bypass exists in the secondscreen.gateway service running on webOS version 4 through 7. An attacker can create a privileged account without asking the user for the security PIN.\u00a0\n\nFull versions and TV models affected:\n\nwebOS 4.9.7 - 5.30.40 running on LG43UM7000PLA \nwebOS 5.5.0 - 04.50.51 running on OLED55CXPUA \nwebOS 6.3.3-442 (kisscurl-kinglake) - 03.36.50 running on OLED48C1PUB \u00a0\nwebOS 7.3.1-43 (mullet-mebin) - 03.33.85 running on OLED55A23LA \n"
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115 Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-639",
"description": "CWE-639 Authorization Bypass Through User-Controlled Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-18T07:34:37.533Z",
"orgId": "b3d5ebe7-963e-41fb-98e1-2edaeabb8f82",
"shortName": "Bitdefender"
},
"references": [
{
"url": "https://bitdefender.com/blog/labs/vulnerabilities-identified-in-lg-webos/"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://lgsecurity.lge.com/bulletins/tv#updateDetails"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An update to a newer firmware version fixes the issue."
}
],
"value": "An update to a newer firmware version fixes the issue."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "PIN/prompt bypass on the secondscreen.gateway service allows access to the SSAP API without user interaction",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "b3d5ebe7-963e-41fb-98e1-2edaeabb8f82",
"assignerShortName": "Bitdefender",
"cveId": "CVE-2023-6317",
"datePublished": "2024-04-09T13:41:34.843Z",
"dateReserved": "2023-11-27T14:21:53.117Z",
"dateUpdated": "2024-08-02T08:28:21.578Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-23731 (GCVE-0-2022-23731)
Vulnerability from nvd – Published: 2022-03-11 17:54 – Updated: 2024-08-03 03:51
VLAI?
Summary
V8 javascript engine (heap vulnerability) can cause privilege escalation ,which can impact on some webOS TV models.
Severity ?
No CVSS data available.
CWE
- CWE-264 - Permissions, Privileges, and Access Controls
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | LG webOS TV |
Affected:
webOS 4.0 or higher
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:51:46.021Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lgsecurity.lge.com/bulletins/tv"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "LG webOS TV",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "webOS 4.0 or higher"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "V8 javascript engine (heap vulnerability) can cause privilege escalation ,which can impact on some webOS TV models."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-264",
"description": "CWE-264 Permissions, Privileges, and Access Controls",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-11T17:54:11",
"orgId": "42f21055-226c-4bce-a3c8-ecf55a3551fb",
"shortName": "LGE"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lgsecurity.lge.com/bulletins/tv"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product.security@lge.com",
"ID": "CVE-2022-23731",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "LG webOS TV",
"version": {
"version_data": [
{
"version_value": "webOS 4.0 or higher"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "V8 javascript engine (heap vulnerability) can cause privilege escalation ,which can impact on some webOS TV models."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-264 Permissions, Privileges, and Access Controls"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://lgsecurity.lge.com/bulletins/tv",
"refsource": "MISC",
"url": "https://lgsecurity.lge.com/bulletins/tv"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "42f21055-226c-4bce-a3c8-ecf55a3551fb",
"assignerShortName": "LGE",
"cveId": "CVE-2022-23731",
"datePublished": "2022-03-11T17:54:11",
"dateReserved": "2022-01-19T00:00:00",
"dateUpdated": "2024-08-03T03:51:46.021Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-23730 (GCVE-0-2022-23730)
Vulnerability from nvd – Published: 2022-03-11 17:54 – Updated: 2024-08-03 03:51
VLAI?
Summary
The public API error causes for the attacker to be able to bypass API access control.
Severity ?
No CVSS data available.
CWE
- CWE-284 - Improper Access Control
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | LG webOS TV |
Affected:
webOS 4.0 or higher
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:51:46.129Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lgsecurity.lge.com/bulletins/tv"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "LG webOS TV",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "webOS 4.0 or higher"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The public API error causes for the attacker to be able to bypass API access control."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-11T17:54:10",
"orgId": "42f21055-226c-4bce-a3c8-ecf55a3551fb",
"shortName": "LGE"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lgsecurity.lge.com/bulletins/tv"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product.security@lge.com",
"ID": "CVE-2022-23730",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "LG webOS TV",
"version": {
"version_data": [
{
"version_value": "webOS 4.0 or higher"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The public API error causes for the attacker to be able to bypass API access control."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284 Improper Access Control"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://lgsecurity.lge.com/bulletins/tv",
"refsource": "MISC",
"url": "https://lgsecurity.lge.com/bulletins/tv"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "42f21055-226c-4bce-a3c8-ecf55a3551fb",
"assignerShortName": "LGE",
"cveId": "CVE-2022-23730",
"datePublished": "2022-03-11T17:54:10",
"dateReserved": "2022-01-19T00:00:00",
"dateUpdated": "2024-08-03T03:51:46.129Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-23727 (GCVE-0-2022-23727)
Vulnerability from nvd – Published: 2022-01-28 19:09 – Updated: 2024-08-03 03:51
VLAI?
Summary
There is a privilege escalation vulnerability in some webOS TVs. Due to wrong setting environments, local attacker is able to perform specific operation to exploit this vulnerability. Exploitation may cause the attacker to obtain a higher privilege
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:51:45.960Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lgsecurity.lge.com/bulletins/tv"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a privilege escalation vulnerability in some webOS TVs. Due to wrong setting environments, local attacker is able to perform specific operation to exploit this vulnerability. Exploitation may cause the attacker to obtain a higher privilege"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-28T19:09:30",
"orgId": "42f21055-226c-4bce-a3c8-ecf55a3551fb",
"shortName": "LGE"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lgsecurity.lge.com/bulletins/tv"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product.security@lge.com",
"ID": "CVE-2022-23727",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a privilege escalation vulnerability in some webOS TVs. Due to wrong setting environments, local attacker is able to perform specific operation to exploit this vulnerability. Exploitation may cause the attacker to obtain a higher privilege"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://lgsecurity.lge.com/bulletins/tv",
"refsource": "MISC",
"url": "https://lgsecurity.lge.com/bulletins/tv"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "42f21055-226c-4bce-a3c8-ecf55a3551fb",
"assignerShortName": "LGE",
"cveId": "CVE-2022-23727",
"datePublished": "2022-01-28T19:09:30",
"dateReserved": "2022-01-19T00:00:00",
"dateUpdated": "2024-08-03T03:51:45.960Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-9759 (GCVE-0-2020-9759)
Vulnerability from nvd – Published: 2020-03-23 15:36 – Updated: 2024-09-17 03:39
VLAI?
Title
webOS TV Emulator privilege escalation vulnerability
Summary
A Vulnerability of LG Electronic web OS TV Emulator could allow an attacker to escalate privileges and overwrite certain files. This vulnerability is due to wrong environment setting. An attacker could exploit this vulnerability through crafted configuration files and executable files.
Severity ?
4.6 (Medium)
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:43:04.696Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://blog.recurity-labs.com/2021-02-03/webOS_Pt1.html"
},
{
"name": "[debian-lts-announce] 20210930 [SECURITY] [DLA 2770-1] weechat security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00018.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-10-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A Vulnerability of LG Electronic web OS TV Emulator could allow an attacker to escalate privileges and overwrite certain files. This vulnerability is due to wrong environment setting. An attacker could exploit this vulnerability through crafted configuration files and executable files."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-30T13:06:16",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://blog.recurity-labs.com/2021-02-03/webOS_Pt1.html"
},
{
"name": "[debian-lts-announce] 20210930 [SECURITY] [DLA 2770-1] weechat security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00018.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "webOS TV Emulator privilege escalation vulnerability",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"DATE_PUBLIC": "2020-10-08T02:19:00.000Z",
"ID": "CVE-2020-9759",
"STATE": "PUBLIC",
"TITLE": "webOS TV Emulator privilege escalation vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Vulnerability of LG Electronic web OS TV Emulator could allow an attacker to escalate privileges and overwrite certain files. This vulnerability is due to wrong environment setting. An attacker could exploit this vulnerability through crafted configuration files and executable files."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://blog.recurity-labs.com/2021-02-03/webOS_Pt1.html",
"refsource": "CONFIRM",
"url": "https://blog.recurity-labs.com/2021-02-03/webOS_Pt1.html"
},
{
"name": "[debian-lts-announce] 20210930 [SECURITY] [DLA 2770-1] weechat security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00018.html"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-9759",
"datePublished": "2020-03-23T15:36:51.058415Z",
"dateReserved": "2020-03-02T00:00:00",
"dateUpdated": "2024-09-17T03:39:08.185Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-6320 (GCVE-0-2023-6320)
Vulnerability from cvelistv5 – Published: 2024-04-09 13:43 – Updated: 2024-08-02 08:28
VLAI?
Title
Command injection in the com.webos.service.connectionmanager/tv/setVlanStaticAddress endpoint
Summary
A command injection vulnerability exists in the com.webos.service.connectionmanager/tv/setVlanStaticAddress endpoint on webOS versions 5 and 6. A series of specially crafted requests can lead to command execution as the dbus user. An attacker can make authenticated requests to trigger this vulnerability.
Full versions and TV models affected:
* webOS 5.5.0 - 04.50.51 running on OLED55CXPUA
* webOS 6.3.3-442 (kisscurl-kinglake) - 03.36.50 running on OLED48C1PUB
Severity ?
9.1 (Critical)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
| URL | Tags | |
|---|---|---|
Credits
Alexandru Lazăr of Bitdefender Labs
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:lg:webos:5.5.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "webos",
"vendor": "lg",
"versions": [
{
"status": "affected",
"version": "5.5.0"
}
]
},
{
"cpes": [
"cpe:2.3:a:lg:webos:6.3.3-442:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "webos",
"vendor": "lg",
"versions": [
{
"status": "affected",
"version": "6.3.3-442"
}
]
},
{
"cpes": [
"cpe:2.3:a:lg:webos:7.3.1-43:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "webos",
"vendor": "lg",
"versions": [
{
"status": "affected",
"version": "7.3.1-43"
}
]
},
{
"cpes": [
"cpe:2.3:a:lg:webos:4.9.7:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "webos",
"vendor": "lg",
"versions": [
{
"status": "affected",
"version": "4.9.7"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-6320",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-10T17:10:05.186742Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T15:40:09.500Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:28:21.166Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bitdefender.com/blog/labs/vulnerabilities-identified-in-lg-webos/"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lgsecurity.lge.com/bulletins/tv#updateDetails"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "webOS",
"vendor": "LG",
"versions": [
{
"status": "affected",
"version": "5.5.0"
},
{
"status": "affected",
"version": "6.3.3-442"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Alexandru Laz\u0103r of Bitdefender Labs"
}
],
"datePublic": "2024-04-09T11:32:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA command injection vulnerability exists in the \u003cb\u003ecom.webos.service.connectionmanager/tv/setVlanStaticAddress \u003c/b\u003eendpoint on webOS versions 5 and 6. A series of specially crafted requests can lead to command execution as the \u003ci\u003edbus \u003c/i\u003euser. An attacker can make authenticated requests to trigger this vulnerability.\u003c/p\u003eFull versions and TV models affected:\u003cbr\u003e\u003cul\u003e\u003cli\u003ewebOS 5.5.0 - 04.50.51 running on OLED55CXPUA\u0026nbsp;\u003cbr\u003e\u003c/li\u003e\u003cli\u003ewebOS 6.3.3-442 (kisscurl-kinglake) - 03.36.50 running on OLED48C1PUB\u003cbr\u003e\u003c/li\u003e\u003c/ul\u003e"
}
],
"value": "A command injection vulnerability exists in the com.webos.service.connectionmanager/tv/setVlanStaticAddress endpoint on webOS versions 5 and 6. A series of specially crafted requests can lead to command execution as the dbus user. An attacker can make authenticated requests to trigger this vulnerability.\n\nFull versions and TV models affected:\n * webOS 5.5.0 - 04.50.51 running on OLED55CXPUA\u00a0\n\n * webOS 6.3.3-442 (kisscurl-kinglake) - 03.36.50 running on OLED48C1PUB\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88 OS Command Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-18T07:35:31.817Z",
"orgId": "b3d5ebe7-963e-41fb-98e1-2edaeabb8f82",
"shortName": "Bitdefender"
},
"references": [
{
"url": "https://bitdefender.com/blog/labs/vulnerabilities-identified-in-lg-webos/"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://lgsecurity.lge.com/bulletins/tv#updateDetails"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Command injection in the com.webos.service.connectionmanager/tv/setVlanStaticAddress endpoint",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "b3d5ebe7-963e-41fb-98e1-2edaeabb8f82",
"assignerShortName": "Bitdefender",
"cveId": "CVE-2023-6320",
"datePublished": "2024-04-09T13:43:35.166Z",
"dateReserved": "2023-11-27T14:22:32.470Z",
"dateUpdated": "2024-08-02T08:28:21.166Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-6319 (GCVE-0-2023-6319)
Vulnerability from cvelistv5 – Published: 2024-04-09 13:42 – Updated: 2024-08-02 08:28
VLAI?
Title
Command injection in the getAudioMetadata method from the com.webos.service.attachedstoragemanager service
Summary
A command injection vulnerability exists in the getAudioMetadata method from the com.webos.service.attachedstoragemanager service on webOS version 4 through 7. A series of specially crafted requests can lead to command execution as the root user. An attacker can make authenticated requests to trigger this vulnerability.
* webOS 4.9.7 - 5.30.40 running on LG43UM7000PLA
* webOS 5.5.0 - 04.50.51 running on OLED55CXPUA
* webOS 6.3.3-442 (kisscurl-kinglake) - 03.36.50 running on OLED48C1PUB
* webOS 7.3.1-43 (mullet-mebin) - 03.33.85 running on OLED55A23LA
Severity ?
9.1 (Critical)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
Credits
Alexandru Lazăr of Bitdefender Labs
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:lg:webos:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "webos",
"vendor": "lg",
"versions": [
{
"status": "affected",
"version": "4.9.7"
},
{
"status": "affected",
"version": "5.5.0"
},
{
"status": "affected",
"version": "6.3.3"
},
{
"status": "affected",
"version": "7.3.1"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-6319",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-11T17:22:04.377668Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-12T15:20:35.161Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:28:21.212Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bitdefender.com/blog/labs/vulnerabilities-identified-in-lg-webos/"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lgsecurity.lge.com/bulletins/tv#updateDetails"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "webOS",
"vendor": "LG",
"versions": [
{
"status": "affected",
"version": "4.9.7"
},
{
"status": "affected",
"version": "5.5.0"
},
{
"status": "affected",
"version": "6.3.3"
},
{
"status": "affected",
"version": "7.3.1"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Alexandru Laz\u0103r of Bitdefender Labs"
}
],
"datePublic": "2024-04-09T11:27:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA command injection vulnerability exists in the \u003cb\u003egetAudioMetadata\u003c/b\u003e\u0026nbsp;method from the \u003cb\u003ecom.webos.service.attachedstoragemanager \u003c/b\u003eservice on webOS version 4 through 7. A series of specially crafted requests can lead to command execution as the root user. An attacker can make authenticated requests to trigger this vulnerability.\u003c/p\u003e\u003cul\u003e\u003cli\u003ewebOS 4.9.7 - 5.30.40 running on LG43UM7000PLA\u0026nbsp;\u003cbr\u003e\u003c/li\u003e\u003cli\u003ewebOS 5.5.0 - 04.50.51 running on OLED55CXPUA\u0026nbsp;\u003cbr\u003e\u003c/li\u003e\u003cli\u003ewebOS 6.3.3-442 (kisscurl-kinglake) - 03.36.50 running on OLED48C1PUB\u0026nbsp;\u003cbr\u003e\u003c/li\u003e\u003cli\u003ewebOS 7.3.1-43 (mullet-mebin) - 03.33.85 running on OLED55A23LA\u003cbr\u003e\u003c/li\u003e\u003c/ul\u003e"
}
],
"value": "A command injection vulnerability exists in the getAudioMetadata\u00a0method from the com.webos.service.attachedstoragemanager service on webOS version 4 through 7. A series of specially crafted requests can lead to command execution as the root user. An attacker can make authenticated requests to trigger this vulnerability.\n\n * webOS 4.9.7 - 5.30.40 running on LG43UM7000PLA\u00a0\n\n * webOS 5.5.0 - 04.50.51 running on OLED55CXPUA\u00a0\n\n * webOS 6.3.3-442 (kisscurl-kinglake) - 03.36.50 running on OLED48C1PUB\u00a0\n\n * webOS 7.3.1-43 (mullet-mebin) - 03.33.85 running on OLED55A23LA\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88 OS Command Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-18T07:35:16.311Z",
"orgId": "b3d5ebe7-963e-41fb-98e1-2edaeabb8f82",
"shortName": "Bitdefender"
},
"references": [
{
"url": "https://bitdefender.com/blog/labs/vulnerabilities-identified-in-lg-webos/"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://lgsecurity.lge.com/bulletins/tv#updateDetails"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An update to a newer firmware version fixes the issue.\u003cbr\u003e"
}
],
"value": "An update to a newer firmware version fixes the issue.\n"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Command injection in the getAudioMetadata method from the com.webos.service.attachedstoragemanager service",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "b3d5ebe7-963e-41fb-98e1-2edaeabb8f82",
"assignerShortName": "Bitdefender",
"cveId": "CVE-2023-6319",
"datePublished": "2024-04-09T13:42:06.203Z",
"dateReserved": "2023-11-27T14:21:55.241Z",
"dateUpdated": "2024-08-02T08:28:21.212Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-6318 (GCVE-0-2023-6318)
Vulnerability from cvelistv5 – Published: 2024-04-09 13:41 – Updated: 2024-08-02 08:28
VLAI?
Title
Command injection in the processAnalyticsReport method from the com.webos.service.cloudupload service
Summary
A command injection vulnerability exists in the processAnalyticsReport method from the com.webos.service.cloudupload service on webOS version 5 through 7. A series of specially crafted requests can lead to command execution as the root user. An attacker can make authenticated requests to trigger this vulnerability.
Full versions and TV models affected:
* webOS 5.5.0 - 04.50.51 running on OLED55CXPUA
* webOS 6.3.3-442 (kisscurl-kinglake) - 03.36.50 running on OLED48C1PUB
* webOS 7.3.1-43 (mullet-mebin) - 03.33.85 running on OLED55A23LA
Severity ?
9.1 (Critical)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
Credits
Alexandru Lazăr of Bitdefender Labs
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:lg:webos:5.5.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "webos",
"vendor": "lg",
"versions": [
{
"status": "affected",
"version": "5.5.0"
}
]
},
{
"cpes": [
"cpe:2.3:a:lg:webos:6.3.3-442:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "webos",
"vendor": "lg",
"versions": [
{
"status": "affected",
"version": "6.3.3-442"
}
]
},
{
"cpes": [
"cpe:2.3:a:lg:webos:7.3.1-43:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "webos",
"vendor": "lg",
"versions": [
{
"status": "affected",
"version": "7.3.1-43"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-6318",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-15T17:25:01.159765Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T17:29:37.216Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:28:21.366Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bitdefender.com/blog/labs/vulnerabilities-identified-in-lg-webos/"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lgsecurity.lge.com/bulletins/tv#updateDetails"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "webOS",
"vendor": "LG",
"versions": [
{
"status": "affected",
"version": "5.5.0"
},
{
"status": "affected",
"version": "6.3.3-442"
},
{
"status": "affected",
"version": "7.3.1-43 "
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Alexandru Laz\u0103r of Bitdefender Labs"
}
],
"datePublic": "2024-04-04T11:43:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA command injection vulnerability exists in the \u003cb\u003eprocessAnalyticsReport\u003c/b\u003e\u0026nbsp;method from the \u003cb\u003ecom.webos.service.cloudupload\u003c/b\u003e\u0026nbsp;service on webOS version 5 through 7. A series of specially crafted requests can lead to command execution as the root user. An attacker can make authenticated requests to trigger this vulnerability.\u003c/p\u003eFull versions and TV models affected:\u003cbr\u003e\u003cbr\u003e\u003cul\u003e\u003cli\u003ewebOS 5.5.0 - 04.50.51 running on OLED55CXPUA\u0026nbsp;\u003cbr\u003e\u003c/li\u003e\u003cli\u003ewebOS 6.3.3-442 (kisscurl-kinglake) - 03.36.50 running on OLED48C1PUB\u0026nbsp;\u003cbr\u003e\u003c/li\u003e\u003cli\u003ewebOS 7.3.1-43 (mullet-mebin) - 03.33.85 running on OLED55A23LA\u003cbr\u003e\u003c/li\u003e\u003c/ul\u003e"
}
],
"value": "A command injection vulnerability exists in the processAnalyticsReport\u00a0method from the com.webos.service.cloudupload\u00a0service on webOS version 5 through 7. A series of specially crafted requests can lead to command execution as the root user. An attacker can make authenticated requests to trigger this vulnerability.\n\nFull versions and TV models affected:\n\n * webOS 5.5.0 - 04.50.51 running on OLED55CXPUA\u00a0\n\n * webOS 6.3.3-442 (kisscurl-kinglake) - 03.36.50 running on OLED48C1PUB\u00a0\n\n * webOS 7.3.1-43 (mullet-mebin) - 03.33.85 running on OLED55A23LA\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88 OS Command Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-18T07:34:59.024Z",
"orgId": "b3d5ebe7-963e-41fb-98e1-2edaeabb8f82",
"shortName": "Bitdefender"
},
"references": [
{
"url": "https://bitdefender.com/blog/labs/vulnerabilities-identified-in-lg-webos/"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://lgsecurity.lge.com/bulletins/tv#updateDetails"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An update to a newer firmware version fixes the issue.\u003cbr\u003e"
}
],
"value": "An update to a newer firmware version fixes the issue.\n"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Command injection in the processAnalyticsReport method from the com.webos.service.cloudupload service",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "b3d5ebe7-963e-41fb-98e1-2edaeabb8f82",
"assignerShortName": "Bitdefender",
"cveId": "CVE-2023-6318",
"datePublished": "2024-04-09T13:41:47.666Z",
"dateReserved": "2023-11-27T14:21:54.210Z",
"dateUpdated": "2024-08-02T08:28:21.366Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-6317 (GCVE-0-2023-6317)
Vulnerability from cvelistv5 – Published: 2024-04-09 13:41 – Updated: 2024-08-02 08:28
VLAI?
Title
PIN/prompt bypass on the secondscreen.gateway service allows access to the SSAP API without user interaction
Summary
A prompt bypass exists in the secondscreen.gateway service running on webOS version 4 through 7. An attacker can create a privileged account without asking the user for the security PIN.
Full versions and TV models affected:
webOS 4.9.7 - 5.30.40 running on LG43UM7000PLA
webOS 5.5.0 - 04.50.51 running on OLED55CXPUA
webOS 6.3.3-442 (kisscurl-kinglake) - 03.36.50 running on OLED48C1PUB
webOS 7.3.1-43 (mullet-mebin) - 03.33.85 running on OLED55A23LA
Severity ?
7.2 (High)
CWE
- CWE-639 - Authorization Bypass Through User-Controlled Key
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
Credits
Alexandru Lazăr of Bitdefender Labs
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-6317",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-09T15:53:04.847156Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-05T17:22:37.217Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:28:21.578Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bitdefender.com/blog/labs/vulnerabilities-identified-in-lg-webos/"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lgsecurity.lge.com/bulletins/tv#updateDetails"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WebOS",
"vendor": "LG",
"versions": [
{
"status": "affected",
"version": " 4.9.7"
},
{
"status": "affected",
"version": "5.5.0"
},
{
"status": "affected",
"version": "6.3.3-442"
},
{
"status": "affected",
"version": "7.3.1-43"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Alexandru Laz\u0103r of Bitdefender Labs"
}
],
"datePublic": "2024-04-09T13:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A prompt bypass exists in the secondscreen.gateway service running on webOS version 4 through 7. An attacker can create a privileged account without asking the user for the security PIN.\u0026nbsp;\u003cbr\u003e\u003cbr\u003eFull versions and TV models affected:\u003cbr\u003e\u003cbr\u003ewebOS 4.9.7 - 5.30.40 running on LG43UM7000PLA \u003cbr\u003ewebOS 5.5.0 - 04.50.51 running on OLED55CXPUA \u003cbr\u003ewebOS 6.3.3-442 (kisscurl-kinglake) - 03.36.50 running on OLED48C1PUB \u0026nbsp;\u003cbr\u003ewebOS 7.3.1-43 (mullet-mebin) - 03.33.85 running on OLED55A23LA \u003cbr\u003e"
}
],
"value": "A prompt bypass exists in the secondscreen.gateway service running on webOS version 4 through 7. An attacker can create a privileged account without asking the user for the security PIN.\u00a0\n\nFull versions and TV models affected:\n\nwebOS 4.9.7 - 5.30.40 running on LG43UM7000PLA \nwebOS 5.5.0 - 04.50.51 running on OLED55CXPUA \nwebOS 6.3.3-442 (kisscurl-kinglake) - 03.36.50 running on OLED48C1PUB \u00a0\nwebOS 7.3.1-43 (mullet-mebin) - 03.33.85 running on OLED55A23LA \n"
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115 Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-639",
"description": "CWE-639 Authorization Bypass Through User-Controlled Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-18T07:34:37.533Z",
"orgId": "b3d5ebe7-963e-41fb-98e1-2edaeabb8f82",
"shortName": "Bitdefender"
},
"references": [
{
"url": "https://bitdefender.com/blog/labs/vulnerabilities-identified-in-lg-webos/"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://lgsecurity.lge.com/bulletins/tv#updateDetails"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An update to a newer firmware version fixes the issue."
}
],
"value": "An update to a newer firmware version fixes the issue."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "PIN/prompt bypass on the secondscreen.gateway service allows access to the SSAP API without user interaction",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "b3d5ebe7-963e-41fb-98e1-2edaeabb8f82",
"assignerShortName": "Bitdefender",
"cveId": "CVE-2023-6317",
"datePublished": "2024-04-09T13:41:34.843Z",
"dateReserved": "2023-11-27T14:21:53.117Z",
"dateUpdated": "2024-08-02T08:28:21.578Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-23731 (GCVE-0-2022-23731)
Vulnerability from cvelistv5 – Published: 2022-03-11 17:54 – Updated: 2024-08-03 03:51
VLAI?
Summary
V8 javascript engine (heap vulnerability) can cause privilege escalation ,which can impact on some webOS TV models.
Severity ?
No CVSS data available.
CWE
- CWE-264 - Permissions, Privileges, and Access Controls
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | LG webOS TV |
Affected:
webOS 4.0 or higher
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:51:46.021Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lgsecurity.lge.com/bulletins/tv"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "LG webOS TV",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "webOS 4.0 or higher"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "V8 javascript engine (heap vulnerability) can cause privilege escalation ,which can impact on some webOS TV models."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-264",
"description": "CWE-264 Permissions, Privileges, and Access Controls",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-11T17:54:11",
"orgId": "42f21055-226c-4bce-a3c8-ecf55a3551fb",
"shortName": "LGE"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lgsecurity.lge.com/bulletins/tv"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product.security@lge.com",
"ID": "CVE-2022-23731",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "LG webOS TV",
"version": {
"version_data": [
{
"version_value": "webOS 4.0 or higher"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "V8 javascript engine (heap vulnerability) can cause privilege escalation ,which can impact on some webOS TV models."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-264 Permissions, Privileges, and Access Controls"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://lgsecurity.lge.com/bulletins/tv",
"refsource": "MISC",
"url": "https://lgsecurity.lge.com/bulletins/tv"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "42f21055-226c-4bce-a3c8-ecf55a3551fb",
"assignerShortName": "LGE",
"cveId": "CVE-2022-23731",
"datePublished": "2022-03-11T17:54:11",
"dateReserved": "2022-01-19T00:00:00",
"dateUpdated": "2024-08-03T03:51:46.021Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-23730 (GCVE-0-2022-23730)
Vulnerability from cvelistv5 – Published: 2022-03-11 17:54 – Updated: 2024-08-03 03:51
VLAI?
Summary
The public API error causes for the attacker to be able to bypass API access control.
Severity ?
No CVSS data available.
CWE
- CWE-284 - Improper Access Control
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | LG webOS TV |
Affected:
webOS 4.0 or higher
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:51:46.129Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lgsecurity.lge.com/bulletins/tv"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "LG webOS TV",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "webOS 4.0 or higher"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The public API error causes for the attacker to be able to bypass API access control."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-11T17:54:10",
"orgId": "42f21055-226c-4bce-a3c8-ecf55a3551fb",
"shortName": "LGE"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lgsecurity.lge.com/bulletins/tv"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product.security@lge.com",
"ID": "CVE-2022-23730",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "LG webOS TV",
"version": {
"version_data": [
{
"version_value": "webOS 4.0 or higher"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The public API error causes for the attacker to be able to bypass API access control."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284 Improper Access Control"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://lgsecurity.lge.com/bulletins/tv",
"refsource": "MISC",
"url": "https://lgsecurity.lge.com/bulletins/tv"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "42f21055-226c-4bce-a3c8-ecf55a3551fb",
"assignerShortName": "LGE",
"cveId": "CVE-2022-23730",
"datePublished": "2022-03-11T17:54:10",
"dateReserved": "2022-01-19T00:00:00",
"dateUpdated": "2024-08-03T03:51:46.129Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-23727 (GCVE-0-2022-23727)
Vulnerability from cvelistv5 – Published: 2022-01-28 19:09 – Updated: 2024-08-03 03:51
VLAI?
Summary
There is a privilege escalation vulnerability in some webOS TVs. Due to wrong setting environments, local attacker is able to perform specific operation to exploit this vulnerability. Exploitation may cause the attacker to obtain a higher privilege
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:51:45.960Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lgsecurity.lge.com/bulletins/tv"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a privilege escalation vulnerability in some webOS TVs. Due to wrong setting environments, local attacker is able to perform specific operation to exploit this vulnerability. Exploitation may cause the attacker to obtain a higher privilege"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-28T19:09:30",
"orgId": "42f21055-226c-4bce-a3c8-ecf55a3551fb",
"shortName": "LGE"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lgsecurity.lge.com/bulletins/tv"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product.security@lge.com",
"ID": "CVE-2022-23727",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a privilege escalation vulnerability in some webOS TVs. Due to wrong setting environments, local attacker is able to perform specific operation to exploit this vulnerability. Exploitation may cause the attacker to obtain a higher privilege"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://lgsecurity.lge.com/bulletins/tv",
"refsource": "MISC",
"url": "https://lgsecurity.lge.com/bulletins/tv"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "42f21055-226c-4bce-a3c8-ecf55a3551fb",
"assignerShortName": "LGE",
"cveId": "CVE-2022-23727",
"datePublished": "2022-01-28T19:09:30",
"dateReserved": "2022-01-19T00:00:00",
"dateUpdated": "2024-08-03T03:51:45.960Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-9759 (GCVE-0-2020-9759)
Vulnerability from cvelistv5 – Published: 2020-03-23 15:36 – Updated: 2024-09-17 03:39
VLAI?
Title
webOS TV Emulator privilege escalation vulnerability
Summary
A Vulnerability of LG Electronic web OS TV Emulator could allow an attacker to escalate privileges and overwrite certain files. This vulnerability is due to wrong environment setting. An attacker could exploit this vulnerability through crafted configuration files and executable files.
Severity ?
4.6 (Medium)
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:43:04.696Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://blog.recurity-labs.com/2021-02-03/webOS_Pt1.html"
},
{
"name": "[debian-lts-announce] 20210930 [SECURITY] [DLA 2770-1] weechat security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00018.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-10-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A Vulnerability of LG Electronic web OS TV Emulator could allow an attacker to escalate privileges and overwrite certain files. This vulnerability is due to wrong environment setting. An attacker could exploit this vulnerability through crafted configuration files and executable files."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-30T13:06:16",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://blog.recurity-labs.com/2021-02-03/webOS_Pt1.html"
},
{
"name": "[debian-lts-announce] 20210930 [SECURITY] [DLA 2770-1] weechat security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00018.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "webOS TV Emulator privilege escalation vulnerability",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"DATE_PUBLIC": "2020-10-08T02:19:00.000Z",
"ID": "CVE-2020-9759",
"STATE": "PUBLIC",
"TITLE": "webOS TV Emulator privilege escalation vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Vulnerability of LG Electronic web OS TV Emulator could allow an attacker to escalate privileges and overwrite certain files. This vulnerability is due to wrong environment setting. An attacker could exploit this vulnerability through crafted configuration files and executable files."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://blog.recurity-labs.com/2021-02-03/webOS_Pt1.html",
"refsource": "CONFIRM",
"url": "https://blog.recurity-labs.com/2021-02-03/webOS_Pt1.html"
},
{
"name": "[debian-lts-announce] 20210930 [SECURITY] [DLA 2770-1] weechat security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00018.html"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-9759",
"datePublished": "2020-03-23T15:36:51.058415Z",
"dateReserved": "2020-03-02T00:00:00",
"dateUpdated": "2024-09-17T03:39:08.185Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}