CVE-2020-13840

Published: Jun 5, 2020Modified: Jun 17, 2026

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 (MTK chipsets). Code execution can occur via an MTK AT command handler buffer overflow. The LG ID is LVE-SMP-200008 (June 2020).

Affected (5)

Products: Google: Android

Google

1 product

Android

Configuration A

5 vulnerable · 34 platform

Vulnerable Software	Affected Versions
Google Android	Version 10.0
Google Android	Version 7.2
Google Android	Version 8.0
Google Android	Version 8.1
Google Android	Version 9.0

Running on/with	Platform Versions
Lg Cv1	All versions
Lg Cv1s	All versions
Lg Cv3	All versions
Lg Cv5	All versions
Lg Cv7	All versions
Lg Cv7as	All versions
Lg Dh10	All versions
Lg Dh15	All versions
Lg Dh30	All versions
Lg Dh35	All versions
Lg Dh40	All versions
Lg Dh5	All versions
Lg Dh50	All versions
Lg G6	All versions
Lg G7	All versions
Lg G8	All versions
Lg K20	All versions
Lg K30	All versions
Lg K40	All versions
Lg K50	All versions
Lg Q6	All versions
Lg Q60	All versions
Lg Q70	All versions
Lg Q8	All versions
Lg V20	All versions
Lg V30	All versions
Lg V35	All versions
Lg V40	All versions
Lg V50	All versions
Lg V60	All versions
Lg X300	All versions
Lg X400	All versions
Lg X500	All versions
Lg X Cam	All versions

Related CWEs

CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

References (2)

https://lgsecurity.lge.com/

Source: cve@mitre.org

Vendor Advisory

https://lgsecurity.lge.com/

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.