{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-44128", "assignerOrgId": "42f21055-226c-4bce-a3c8-ecf55a3551fb", "state": "PUBLISHED", "assignerShortName": "LGE", "dateReserved": "2023-09-26T05:57:13.719Z", "datePublished": "2023-09-27T14:08:51.040Z", "dateUpdated": "2024-09-20T19:45:38.716Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "LG V60 Thin Q 5G(LMV600VM)", "vendor": "LG Electronics", "versions": [{"lessThanOrEqual": "13", "status": "affected", "version": "Android 4", "versionType": "Android"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "he vulnerability is to delete arbitrary files in LGInstallService (\"com.lge.lginstallservies\") app. The app contains the exported \"com.lge.lginstallservies.InstallService\" service that exposes an AIDL interface. All its \"installPackage*\" methods are finally calling the \"installPackageVerify()\" method that performs signature validation after the delete file method. An attacker can control conditions so this security check is never performed and an attacker-controlled file is deleted."}], "value": "he vulnerability is to delete arbitrary files in LGInstallService (\"com.lge.lginstallservies\") app. The app contains the exported \"com.lge.lginstallservies.InstallService\" service that exposes an AIDL interface. All its \"installPackage*\" methods are finally calling the \"installPackageVerify()\" method that performs signature validation after the delete file method. An attacker can control conditions so this security check is never performed and an attacker-controlled file is deleted."}], "impacts": [{"capecId": "CAPEC-29", "descriptions": [{"lang": "en", "value": "CAPEC-29 Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:L", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-367", "description": "CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "42f21055-226c-4bce-a3c8-ecf55a3551fb", "shortName": "LGE", "dateUpdated": "2023-09-27T14:13:34.358Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://lgsecurity.lge.com/bulletins/mobile#updateDetails"}], "source": {"discovery": "UNKNOWN"}, "title": "LGInstallService - Deletion of arbitrary files with system privilege", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T19:59:50.897Z"}, "title": "CVE Program Container", "references": [{"tags": ["vendor-advisory", "x_transferred"], "url": "https://lgsecurity.lge.com/bulletins/mobile#updateDetails"}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-09-20T18:09:46.318108Z", "id": "CVE-2023-44128", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-20T19:45:38.716Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://lgsecurity.lge.com/bulletins/mobile#updateDetails", "tags": ["vendor-advisory", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T19:59:50.897Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-44128", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-20T18:09:46.318108Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-20T19:44:25.646Z"}}], "cna": {"title": "LGInstallService - Deletion of arbitrary files with system privilege", "source": {"discovery": "UNKNOWN"}, "impacts": [{"capecId": "CAPEC-29", "descriptions": [{"lang": "en", "value": "CAPEC-29 Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "LG Electronics", "product": "LG V60 Thin Q 5G(LMV600VM)", "versions": [{"status": "affected", "version": "Android 4", "versionType": "Android", "lessThanOrEqual": "13"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://lgsecurity.lge.com/bulletins/mobile#updateDetails", "tags": ["vendor-advisory"]}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "he vulnerability is to delete arbitrary files in LGInstallService (\"com.lge.lginstallservies\") app. The app contains the exported \"com.lge.lginstallservies.InstallService\" service that exposes an AIDL interface. All its \"installPackage*\" methods are finally calling the \"installPackageVerify()\" method that performs signature validation after the delete file method. An attacker can control conditions so this security check is never performed and an attacker-controlled file is deleted.", "supportingMedia": [{"type": "text/html", "value": "he vulnerability is to delete arbitrary files in LGInstallService (\"com.lge.lginstallservies\") app. The app contains the exported \"com.lge.lginstallservies.InstallService\" service that exposes an AIDL interface. All its \"installPackage*\" methods are finally calling the \"installPackageVerify()\" method that performs signature validation after the delete file method. An attacker can control conditions so this security check is never performed and an attacker-controlled file is deleted.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-367", "description": "CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition"}]}], "providerMetadata": {"orgId": "42f21055-226c-4bce-a3c8-ecf55a3551fb", "shortName": "LGE", "dateUpdated": "2023-09-27T14:13:34.358Z"}}}, "cveMetadata": {"cveId": "CVE-2023-44128", "state": "PUBLISHED", "dateUpdated": "2024-09-20T19:45:38.716Z", "dateReserved": "2023-09-26T05:57:13.719Z", "assignerOrgId": "42f21055-226c-4bce-a3c8-ecf55a3551fb", "datePublished": "2023-09-27T14:08:51.040Z", "assignerShortName": "LGE"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*", "matchCriteriaId": "5D92B47F-F5BA-4C09-A194-4FE2D23CE28D", "versionEndIncluding": "13.0", "versionStartIncluding": "4.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lg:v60_thin_q_5g:-:*:*:*:*:*:*:*", "matchCriteriaId": "85B3B7D2-762E-4DD5-90F9-5246907748C4", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "he vulnerability is to delete arbitrary files in LGInstallService (\"com.lge.lginstallservies\") app. The app contains the exported \"com.lge.lginstallservies.InstallService\" service that exposes an AIDL interface. All its \"installPackage*\" methods are finally calling the \"installPackageVerify()\" method that performs signature validation after the delete file method. An attacker can control conditions so this security check is never performed and an attacker-controlled file is deleted."}, {"lang": "es", "value": "La vulnerabilidad consiste en eliminar archivos arbitrarios en la aplicaci\u00f3n LGInstallService (\"com.lge.lginstallservies\"). La aplicaci\u00f3n contiene el servicio \"com.lge.lginstallservies.InstallService\" exportado que expone una interfaz AIDL. Todos sus m\u00e9todos \"installPackage*\" finalmente llaman al m\u00e9todo \"installPackageVerify()\" que realiza la validaci\u00f3n de la firma despu\u00e9s del m\u00e9todo de eliminaci\u00f3n del archivo. Un atacante puede controlar las condiciones para que esta verificaci\u00f3n de seguridad nunca se realice y se elimine un archivo controlado por el atacante."}], "id": "CVE-2023-44128", "lastModified": "2024-11-21T08:25:18.250", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 5.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 2.7, "source": "product.security@lge.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 3.6, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 1.0, "impactScore": 2.5, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-09-27T15:19:37.217", "references": [{"source": "product.security@lge.com", "tags": ["Vendor Advisory"], "url": "https://lgsecurity.lge.com/bulletins/mobile#updateDetails"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://lgsecurity.lge.com/bulletins/mobile#updateDetails"}], "sourceIdentifier": "product.security@lge.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-367"}], "source": "product.security@lge.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-367"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}