Vulnerabilities > CVE-2020-25282 - Incorrect Authorization vulnerability in Google Android 10.0

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

google

CWE-863

NVD

Published: 2020-09-11

Updated: 2021-07-21

Summary

An issue was discovered on LG mobile devices with Android OS 10 software. The lguicc software (for the LG Universal Integrated Circuit Card) allows attackers to bypass intended access restrictions on property values. The LG ID is LVE-SMP-200020 (September 2020).

Vulnerable Configurations

Part	Description	Count
OS	Google Google Android 10.0	1

Common Weakness Enumeration (CWE)

CWE-863 - Incorrect Authorization

References

https://lgsecurity.lge.com/