CVE-2019-20777

EUVD-2019-11316
An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, 8.1, and 9.0 software. WapService mishandles OTA Provisioning on V40 and G7 devices. The LG ID is LVE-SMP-190006 (July 2019).
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 34%
Affected Products (NVD)
VendorProductVersion
googleandroid
7.0
googleandroid
7.1
googleandroid
7.2
googleandroid
8.0
googleandroid
8.1
googleandroid
9.0
𝑥
= Vulnerable software versions
References
https://lgsecurity.lge.com/
https://lgsecurity.lge.com/