Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2020-7807

Опубликовано: 14 сент. 2020
Источник: nvd
CVSS3: 5.6
CVSS3: 5.5
CVSS2: 1.9
EPSS Низкий

Описание

A vulnerability that can hijack a DLL file that is loaded during products(LGPCSuite_Setup, IPSFULLHD, LG_ULTRAWIDE, ULTRA_HD_Driver Setup) installation into a DLL file that the hacker wants. Missing Support for Integrity Check vulnerability in COMPONENT of LG Electronics (LGPCSuite_Setup), (IPSFULLHD, LG_ULTRAWIDE, ULTRA_HD_Driver Setup) allows ATTACKER/ATTACK to cause IMPACT. This issue affects: LG Electronics; LGPCSuite_Setup : 1.0.0.3 on Windows(x86, x64); IPSFULLHD, LG_ULTRAWIDE, ULTRA_HD_Driver Setup : 1.0.0.9 on Windows(x86, x64).

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:a:lg:ipsfullhd:1.0.0.3:*:*:*:*:*:*:*
cpe:2.3:a:lg:lg_ultrawide:1.0.0.3:*:*:*:*:*:*:*
cpe:2.3:a:lg:lgpcsuite_setup:1.0.0.9:*:*:*:*:*:*:*
cpe:2.3:a:lg:ultra_hd_driver_setup:1.0.0.3:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

EPSS

Процентиль: 6%
0.00025
Низкий

5.6 Medium

CVSS3

5.5 Medium

CVSS3

1.9 Low

CVSS2

Дефекты

CWE-353
CWE-354

Связанные уязвимости

github логотип

GHSA-x884-xw28-vpw4

github
больше 3 лет назад

A vulnerability that can hijack a DLL file that is loaded during products(LGPCSuite_Setup, IPSFULLHD, LG_ULTRAWIDE, ULTRA_HD_Driver Setup) installation into a DLL file that the hacker wants. Missing Support for Integrity Check vulnerability in ____COMPONENT____ of LG Electronics (LGPCSuite_Setup), (IPSFULLHD, LG_ULTRAWIDE, ULTRA_HD_Driver Setup) allows ____ATTACKER/ATTACK____ to cause ____IMPACT____. This issue affects: LG Electronics; LGPCSuite_Setup : 1.0.0.3 on Windows(x86, x64); IPSFULLHD, LG_ULTRAWIDE, ULTRA_HD_Driver Setup : 1.0.0.9 on Windows(x86, x64).

EPSS

Процентиль: 6%
0.00025
Низкий

5.6 Medium

CVSS3

5.5 Medium

CVSS3

1.9 Low

CVSS2

Дефекты

CWE-353
CWE-354