CVE-2020-7807
5.6
CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:H/A:H
Summary
A vulnerability that can hijack a DLL file that is loaded during products(LGPCSuite_Setup, IPSFULLHD, LG_ULTRAWIDE, ULTRA_HD_Driver Setup) installation into a DLL file that the hacker wants. Missing Support for Integrity Check vulnerability in COMPONENT of LG Electronics (LGPCSuite_Setup), (IPSFULLHD, LG_ULTRAWIDE, ULTRA_HD_Driver Setup) allows ATTACKER/ATTACK to cause IMPACT. This issue affects: LG Electronics; LGPCSuite_Setup : 1.0.0.3 on Windows(x86, x64); IPSFULLHD, LG_ULTRAWIDE, ULTRA_HD_Driver Setup : 1.0.0.9 on Windows(x86, x64).
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| LG Electronics | (LGPCSuite_Setup), (IPSFULLHD, LG_ULTRAWIDE, ULTRA_HD_Driver Setup) | IPSFULLHD, LG_ULTRAWIDE, ULTRA_HD_Driver Setup.exe 1.0.0.3 | affected |
| LG Electronics | (LGPCSuite_Setup), (IPSFULLHD, LG_ULTRAWIDE, ULTRA_HD_Driver Setup) | LGPCSuite_Setup.exe 1.0.0.9 | affected |
Weaknesses
- CWE-353: CWE-353 Missing Support for Integrity Check
ADP Enrichment
CVE Program Container
Additional References
- https://lgsecurity.lge.com/
- https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35587
References
- https://lgsecurity.lge.com/
- https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35587
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.