{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, 8.1, and 9.0 software. Unprivileged applications can execute shell commands via the connectivity service. The LG ID is LVE-SMP-190008 (August 2019)."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-04-17T13:36:26", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://lgsecurity.lge.com/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-20773", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, 8.1, and 9.0 software. Unprivileged applications can execute shell commands via the connectivity service. The LG ID is LVE-SMP-190008 (August 2019)."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://lgsecurity.lge.com/", "refsource": "CONFIRM", "url": "https://lgsecurity.lge.com/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T02:53:09.228Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://lgsecurity.lge.com/"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2019-20773", "datePublished": "2020-04-17T13:36:26", "dateReserved": "2020-04-17T00:00:00", "dateUpdated": "2024-08-05T02:53:09.228Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:google:android:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "09E6085C-A61E-4A89-BF80-EDD9A7DF1E47", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:android:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "DBCA7605-6348-400D-9844-97E0144C2BF5", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:android:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "374CEEA9-3B03-4F6F-BF3E-2393E72BF2A7", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "B578E383-0D77-4AC7-9C81-3F0B8C18E033", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*", "matchCriteriaId": "B06BE74B-83F4-41A3-8AD3-2E6248F7B0B2", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "8DFAAD08-36DA-4C95-8200-C29FE5B6B854", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, 8.1, and 9.0 software. Unprivileged applications can execute shell commands via the connectivity service. The LG ID is LVE-SMP-190008 (August 2019)."}, {"lang": "es", "value": "Se descubri\u00f3 un problema en los dispositivos m\u00f3viles LG con el software del Sistema Operativo Android versiones 7.0, 7.1, 7.2, 8.0, 8.1 y 9.0. Las aplicaciones sin privilegios pueden ejecutar comandos de shell por medio del servicio de conectividad. El ID de LG es LVE-SMP-190008 (Agosto 2019)."}], "id": "CVE-2019-20773", "lastModified": "2024-11-21T04:39:19.687", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-04-17T14:15:15.067", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://lgsecurity.lge.com/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://lgsecurity.lge.com/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}