Описание
A Privilege Escalation Vulnerability exists in Sprite Software Spritebud 1.3.24 and 1.3.28 and Backup 2.5.4105 and 2.5.4108 on LG Android smartphones due to a race condition in the spritebud daemon, which could let a local malicious user obtain root privileges.
Ссылки
- Third Party AdvisoryVDB Entry
- Third Party Advisory
- Third Party AdvisoryVDB Entry
- ExploitMailing ListThird Party Advisory
- Third Party AdvisoryVDB Entry
- Third Party Advisory
- Third Party AdvisoryVDB Entry
- ExploitMailing ListThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
Одно из
cpe:2.3:a:spritesoftware:spritebackup:2.5.4105:*:*:*:*:*:*:*
cpe:2.3:a:spritesoftware:spritebackup:2.5.4108:*:*:*:*:*:*:*
cpe:2.3:a:spritesoftware:spritebud:1.3.24:*:*:*:*:*:*:*
cpe:2.3:a:spritesoftware:spritebud:1.3.28:*:*:*:*:*:*:*
Одно из
cpe:2.3:h:lg:e971:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:e973:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:e975:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:e975k:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:e975t:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:e976:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:e977:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:f100k:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:f100l:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:f100s:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:f120k:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:f120l:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:f120s:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:f160k:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:f160l:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:f160lv:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:f160s:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:f180k:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:f180l:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:f180s:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:f200k:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:f200l:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:f200s:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:f240k:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:f240l:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:f240s:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:f260k:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:f260l:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:f260s:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:l21_:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:lg870:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:ls860:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:ls970:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:p760:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:p769:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:p780:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:p875:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:p875h:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:p880:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:p940:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:su540:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:su870:-:*:*:*:*:*:*:*
cpe:2.3:h:lg:us780:-:*:*:*:*:*:*:*
EPSS
Процентиль: 23%
0.00078
Низкий
7 High
CVSS3
6.9 Medium
CVSS2
Дефекты
CWE-362
Связанные уязвимости
github
почти 4 года назад
A Privilege Escalation Vulnerability exists in Sprite Software Spritebud 1.3.24 and 1.3.28 and Backup 2.5.4105 and 2.5.4108 on LG Android smartphones due to a race condition in the spritebud daemon, which could let a local malicious user obtain root privileges.
EPSS
Процентиль: 23%
0.00078
Низкий
7 High
CVSS3
6.9 Medium
CVSS2
Дефекты
CWE-362