CVE-2013-3685: Race Condition
First published: Wed Feb 12 2020(Updated: )
A Privilege Escalation Vulnerability exists in Sprite Software Spritebud 1.3.24 and 1.3.28 and Backup 2.5.4105 and 2.5.4108 on LG Android smartphones due to a race condition in the spritebud daemon, which could let a local malicious user obtain root privileges.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Spritesoftware Spritebackup | =2.5.4105 | |
| Spritesoftware Spritebackup | =2.5.4108 | |
| Spritesoftware Spritebud | =1.3.24 | |
| Spritesoftware Spritebud | =1.3.28 | |
| Lg E971 | ||
| Lg E973 | ||
| Lg E975 | ||
| Lg E975k | ||
| Lg E975t | ||
| Lg E976 | ||
| Lg E977 | ||
| Lg F100k | ||
| Lg F100l | ||
| Lg F100s | ||
| Lg F120k | ||
| Lg F120l | ||
| Lg F120s | ||
| Lg F160k | ||
| Lg F160l | ||
| Lg F160lv | ||
| Lg F160s | ||
| Lg F180k | ||
| Lg F180l | ||
| Lg F180s | ||
| Lg F200k | ||
| Lg F200l | ||
| Lg F200s | ||
| Lg F240k | ||
| Lg F240l | ||
| Lg F240s | ||
| Lg F260k | ||
| Lg F260l | ||
| Lg F260s | ||
| Lg L21 | ||
| Lg Lg870 | ||
| Lg Ls860 | ||
| Lg Ls970 | ||
| Lg P760 | ||
| Lg P769 | ||
| Lg P780 | ||
| Lg P875 | ||
| Lg P875h | ||
| Lg P880 | ||
| Lg P940 | ||
| Lg Su540 | ||
| Lg Su870 | ||
| Lg Us780 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of this security issue?
The vulnerability ID of this security issue is CVE-2013-3685.
What is the severity level of CVE-2013-3685?
The severity level of CVE-2013-3685 is high.
Which software versions are affected by this vulnerability?
The affected software versions are Sprite Software Spritebud 1.3.24 and 1.3.28, and Backup 2.5.4105 and 2.5.4108.
What is the description of CVE-2013-3685?
CVE-2013-3685 is a Privilege Escalation Vulnerability that exists in Sprite Software Spritebud 1.3.24 and 1.3.28 and Backup 2.5.4105 and 2.5.4108 on LG Android smartphones due to a race condition in the spritebud daemon, which could let a local malicious user obtain root privileges.
How can I fix the CVE-2013-3685 vulnerability?
To fix the CVE-2013-3685 vulnerability, it is recommended to update Sprite Software Spritebud and Backup to the latest versions available and apply any security patches provided by the software vendor.
- collector/nvd-index
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/type
- agent/tags
- agent/event
- agent/description
- agent/last-modified-date
- agent/first-publish-date
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- vendor/spritesoftware
- canonical/spritesoftware spritebackup
- version/spritesoftware spritebackup/2.5.4105
- version/spritesoftware spritebackup/2.5.4108
- canonical/spritesoftware spritebud
- version/spritesoftware spritebud/1.3.24
- version/spritesoftware spritebud/1.3.28
- vendor/lg
- canonical/lg e971
- canonical/lg e973
- canonical/lg e975
- canonical/lg e975k
- canonical/lg e975t
- canonical/lg e976
- canonical/lg e977
- canonical/lg f100k
- canonical/lg f100l
- canonical/lg f100s
- canonical/lg f120k
- canonical/lg f120l
- canonical/lg f120s
- canonical/lg f160k
- canonical/lg f160l
- canonical/lg f160lv
- canonical/lg f160s
- canonical/lg f180k
- canonical/lg f180l
- canonical/lg f180s
- canonical/lg f200k
- canonical/lg f200l
- canonical/lg f200s
- canonical/lg f240k
- canonical/lg f240l
- canonical/lg f240s
- canonical/lg f260k
- canonical/lg f260l
- canonical/lg f260s
- canonical/lg l21
- canonical/lg lg870
- canonical/lg ls860
- canonical/lg ls970
- canonical/lg p760
- canonical/lg p769
- canonical/lg p780
- canonical/lg p875
- canonical/lg p875h
- canonical/lg p880
- canonical/lg p940
- canonical/lg su540
- canonical/lg su870
- canonical/lg us780