{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 (MTK chipsets). Code execution can occur via an MTK AT command handler buffer overflow. The LG ID is LVE-SMP-200008 (June 2020)."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-06-04T23:24:40", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://lgsecurity.lge.com/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2020-13840", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 (MTK chipsets). Code execution can occur via an MTK AT command handler buffer overflow. The LG ID is LVE-SMP-200008 (June 2020)."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://lgsecurity.lge.com/", "refsource": "CONFIRM", "url": "https://lgsecurity.lge.com/"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2020-13840", "datePublished": "2020-06-04T23:24:40", "dateReserved": "2020-06-04T00:00:00", "dateUpdated": "2020-06-04T23:24:40", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:google:android:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "374CEEA9-3B03-4F6F-BF3E-2393E72BF2A7", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "B578E383-0D77-4AC7-9C81-3F0B8C18E033", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*", "matchCriteriaId": "B06BE74B-83F4-41A3-8AD3-2E6248F7B0B2", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "8DFAAD08-36DA-4C95-8200-C29FE5B6B854", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lg:cv1:-:*:*:*:*:*:*:*", "matchCriteriaId": "3184A6C2-4499-4325-AA6B-9235891431B1", "vulnerable": false}, {"criteria": "cpe:2.3:h:lg:cv1s:-:*:*:*:*:*:*:*", "matchCriteriaId": "89334FBD-7962-49EF-B99C-2C7C68D4784A", "vulnerable": false}, {"criteria": "cpe:2.3:h:lg:cv3:-:*:*:*:*:*:*:*", "matchCriteriaId": "5459DD60-4674-40C2-9070-A43F4625049C", "vulnerable": false}, {"criteria": "cpe:2.3:h:lg:cv5:-:*:*:*:*:*:*:*", "matchCriteriaId": "DD527FA3-6B37-49AF-AA65-C3D2280D94FF", "vulnerable": false}, {"criteria": "cpe:2.3:h:lg:cv7:-:*:*:*:*:*:*:*", "matchCriteriaId": "201240C1-DBFE-4E4B-910C-C89CA34F20F9", "vulnerable": false}, {"criteria": "cpe:2.3:h:lg:cv7as:-:*:*:*:*:*:*:*", "matchCriteriaId": "7E013D7F-DFE8-43DE-9CA5-C4175920DA7C", "vulnerable": false}, {"criteria": "cpe:2.3:h:lg:dh10:-:*:*:*:*:*:*:*", "matchCriteriaId": "1C772FAC-D629-4B6A-8AF2-DE5F21EAD6FB", "vulnerable": false}, {"criteria": "cpe:2.3:h:lg:dh15:-:*:*:*:*:*:*:*", "matchCriteriaId": "4ED9F839-3481-4385-B48D-D4EB5F87E827", "vulnerable": false}, {"criteria": "cpe:2.3:h:lg:dh30:-:*:*:*:*:*:*:*", "matchCriteriaId": "5D1324D4-B9C3-4230-9079-0EDABB8DE8C2", "vulnerable": false}, {"criteria": "cpe:2.3:h:lg:dh35:-:*:*:*:*:*:*:*", "matchCriteriaId": "1801B468-55B8-425B-9CD9-F155EF8C6D3E", "vulnerable": false}, {"criteria": "cpe:2.3:h:lg:dh40:-:*:*:*:*:*:*:*", "matchCriteriaId": "F5656FF7-AEDA-45DD-A094-317470D630B0", "vulnerable": false}, {"criteria": "cpe:2.3:h:lg:dh5:-:*:*:*:*:*:*:*", "matchCriteriaId": "5524D0D5-7511-428C-8B4F-A543DB821FAE", "vulnerable": false}, {"criteria": "cpe:2.3:h:lg:dh50:-:*:*:*:*:*:*:*", "matchCriteriaId": "E9C65155-41BF-4E09-9566-BAB1002B8C2A", "vulnerable": false}, {"criteria": "cpe:2.3:h:lg:g6:-:*:*:*:*:*:*:*", "matchCriteriaId": "B420AF79-29A6-4F48-905E-4D6525AB7AE3", "vulnerable": false}, {"criteria": "cpe:2.3:h:lg:g7:-:*:*:*:*:*:*:*", "matchCriteriaId": "D56F8885-3A72-4AA6-BD32-F7B44DC8F5CB", "vulnerable": false}, {"criteria": "cpe:2.3:h:lg:g8:-:*:*:*:*:*:*:*", "matchCriteriaId": "BD283652-FACB-48E2-AEA2-62BFB9A3563D", "vulnerable": false}, {"criteria": "cpe:2.3:h:lg:k20:-:*:*:*:*:*:*:*", "matchCriteriaId": "E5B41FD2-A604-4F13-802E-EFB7E4B4E186", "vulnerable": false}, {"criteria": "cpe:2.3:h:lg:k30:-:*:*:*:*:*:*:*", "matchCriteriaId": "92717015-3E54-4377-9EAA-3EC7522A2992", "vulnerable": false}, {"criteria": "cpe:2.3:h:lg:k40:-:*:*:*:*:*:*:*", "matchCriteriaId": "E9F3DBDA-748E-41CC-9B53-0F2EACAE53B0", "vulnerable": false}, {"criteria": "cpe:2.3:h:lg:k50:-:*:*:*:*:*:*:*", "matchCriteriaId": "D4A1A525-CFED-49D2-BB14-3C1017C72397", "vulnerable": false}, {"criteria": "cpe:2.3:h:lg:q6:-:*:*:*:*:*:*:*", "matchCriteriaId": "D0330E68-ABF9-4842-8546-0A7736992C09", "vulnerable": false}, {"criteria": "cpe:2.3:h:lg:q60:-:*:*:*:*:*:*:*", "matchCriteriaId": "6B74427A-B73F-477C-97E8-AB1B6BF874DE", "vulnerable": false}, {"criteria": "cpe:2.3:h:lg:q70:-:*:*:*:*:*:*:*", "matchCriteriaId": "B8FBFD84-00B7-43C9-B2E4-73B93ECC135E", "vulnerable": false}, {"criteria": "cpe:2.3:h:lg:q8:-:*:*:*:*:*:*:*", "matchCriteriaId": "C8FB0DB7-C13A-4CE5-9922-D29212194F89", "vulnerable": false}, {"criteria": "cpe:2.3:h:lg:v20:-:*:*:*:*:*:*:*", "matchCriteriaId": "3291C1FB-5CEA-4886-930F-C1A81A0E7211", "vulnerable": false}, {"criteria": "cpe:2.3:h:lg:v30:-:*:*:*:*:*:*:*", "matchCriteriaId": "D7C92686-117E-43B5-8D79-0BE3C4188EDE", "vulnerable": false}, {"criteria": "cpe:2.3:h:lg:v35:-:*:*:*:*:*:*:*", "matchCriteriaId": "B21AF298-6B73-4C3C-9B6E-515BB13CA406", "vulnerable": false}, {"criteria": "cpe:2.3:h:lg:v40:-:*:*:*:*:*:*:*", "matchCriteriaId": "914A44D7-7C6E-4433-A061-D7B0CF198AB0", "vulnerable": false}, {"criteria": "cpe:2.3:h:lg:v50:-:*:*:*:*:*:*:*", "matchCriteriaId": "EDF444DD-45F1-41A7-96A2-FD756E92BAB9", "vulnerable": false}, {"criteria": "cpe:2.3:h:lg:v60:-:*:*:*:*:*:*:*", "matchCriteriaId": "AF163597-5C46-484C-893B-C8848E8DAA0A", "vulnerable": false}, {"criteria": "cpe:2.3:h:lg:x_cam:-:*:*:*:*:*:*:*", "matchCriteriaId": "6DEC9BA1-FC3F-4B22-B1B5-275FBFCAB5DF", "vulnerable": false}, {"criteria": "cpe:2.3:h:lg:x300:-:*:*:*:*:*:*:*", "matchCriteriaId": "E1EA905A-E757-4C0C-AE9A-746E197B5FFA", "vulnerable": false}, {"criteria": "cpe:2.3:h:lg:x400:-:*:*:*:*:*:*:*", "matchCriteriaId": "F608F038-2FD3-4DD3-9257-3EC69F5617AE", "vulnerable": false}, {"criteria": "cpe:2.3:h:lg:x500:-:*:*:*:*:*:*:*", "matchCriteriaId": "6DC6EB06-EA13-4784-8413-BD89A60744D0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 (MTK chipsets). Code execution can occur via an MTK AT command handler buffer overflow. The LG ID is LVE-SMP-200008 (June 2020)."}, {"lang": "es", "value": "Se detect\u00f3 un problema en los dispositivos m\u00f3viles LG con Sistema Operativo Android versiones 7.2, 8.0, 8.1, 9 y 10 (chipsets MTK). Una ejecuci\u00f3n de c\u00f3digo puede ocurrir por medio de un desbordamiento del b\u00fafer del manejador de comando MTK AT. El ID de LG es LVE-SMP-200008 (Junio de 2020)"}], "id": "CVE-2020-13840", "lastModified": "2020-06-11T15:32:48.597", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-06-05T00:15:10.880", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://lgsecurity.lge.com/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-120"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}