News

LG smartphones were vulnerable to cold-boot attacks for 7 years

Photo of James Brown James BrownJune 4, 2020
0 80 1 minute read

Last month, LG developers released the security update LVE-SMP-200006 and fixed a vulnerability that affected all of the company’s Android smartphones. In fact, LG smartphones were vulnerable to cold-boot attacks for about 7 years.

The problem got the identifier CVE-2020-12753, and it is related to the bootloader that comes with LG smartphones.

In March of this year, the American developer Max Thomas discovered this vulnerability in the bootloader.

“I reported this vulnerability in March and gave a 90 day delay on releasing specific details. Also the vulnerability doesn’t require user interaction from coldboot so it’s a bit nasty in that regard. But also this vulnerability sat around for 7 years so it could be argued that, if anything, 90 days is too long”, — explained Max Thomas.

The researcher writes that this bootloader has been added to LG smartphones, starting with the LG Nexus 5 series.

Let me remind you that we wrote about 0-day vulnerability in Android, which threatens Pixel, Samsung, Huawei and Xiaomi smartphones.

It turned out that the bootloader graphics package contains an error that allows attackers to inject their own code along with graphics, though only under certain conditions (for example, when the battery is running low or the device is in Download Mode).

“Google has done a lot of work to ensure that vendors can’t mess up Android security. However, bootloaders have a lot less oversight, so going after these vendor-specific bits of hardware bringup seemed extremely opportune for errors”, — writes Max Thomas.

This vulnerability affects all LG smartphones using QSEE (Qualcomm Secure Execution Environment) with firmware EL1 or EL3, as well as all LG devices running Android 7.2 and later.

Demonstration of the attack can be seen in this video.

It should be noted that CVE-2020-12753, in fact, is a cold boot attack, so, it can only be exploited if you have physical access and are connected to the target device.

The PoC exploit that created Max Thomas, and which he used to compromise the bootloader on the LG Stylo 4 smartphone, is already available on GitHub.

By the way, have you already tried to make a wallpaper for a phone from a picture that turns android smartphone into piece of stone?

Sending
User Review
0 (0 votes)
Comments Rating 0 (0 reviews)
Tags
Photo of James Brown James BrownJune 4, 2020
0 80 1 minute read
Photo of James Brown

James Brown

Technology news writer and part-time security researcher. Author of how-to articles related to Windows computer issue solving.

Related Articles

Hacking drones could be easy

Researchers said that hacking Mars rovers and drones could be quite easy

December 4, 2019
vulnerabilities and Wi-Fi in airplanes

Researchers Discovered Dangerous Vulnerabilities in Devices that Distribute Wi-Fi on Airplanes

September 16, 2022
agama wallet

Agama’s cryptographic developers attacked their own product earlier than attackers did

June 7, 2019
Attackers broke into the smart home

Attackers broke into the “smart home” and turned lives of its residents into a nightmare

September 26, 2019

Leave a Reply

Your email address will not be published. Required fields are marked *

Sending

This site uses Akismet to reduce spam. Learn how your comment data is processed.

© Copyright 2024, All Rights Reserved  | Adware.Guru;
Back to top button