CVE-2018-14982

Published: Aug 17, 2018Modified: Nov 21, 2024

9.8

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

Certain LG devices based on Android 6.0 through 8.1 have incorrect access control in the GNSS application. The LG ID is LVE-SMP-180004.

Affected (7)

Products: Google: Android

1 product

Configuration A

7 vulnerable · 14 platform

Vulnerable Software	Affected Versions
Google Android	Version 6.0.1
Google Android	Version 6.0
Google Android	Version 7.0
Google Android	Version 7.1
Google Android	Version 7.2
Google Android	Version 8.0
Google Android	Version 8.1

Running on/with	Platform Versions
Lg G5	All versions
Lg G6	All versions
Lg G6+	All versions
Lg Q6	All versions
Lg Q8	All versions
Lg V10	All versions
Lg V20	All versions
Lg V30	All versions
Lg V30+	All versions
Lg V30s Thinq	All versions
Lg X300	All versions
Lg X400	All versions
Lg X500	All versions
Lg X Cam	All versions

Related CWEs

Incorrect Permission Assignment for Critical Resource

The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

References (2)

https://lgsecurity.lge.com/security_updates.html

Source: cve@mitre.org

Third Party Advisory

https://lgsecurity.lge.com/security_updates.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.