CVE-2020-13840: Buffer Overflow
First published: Thu Jun 04 2020(Updated: )
An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 (MTK chipsets). Code execution can occur via an MTK AT command handler buffer overflow. The LG ID is LVE-SMP-200008 (June 2020).
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Google Android | =7.2 | |
| Google Android | =8.0 | |
| Google Android | =8.1 | |
| Google Android | =9.0 | |
| Google Android | =10.0 | |
| Lg Cv1 | ||
| Lg Cv1s | ||
| Lg Cv3 | ||
| Lg Cv5 | ||
| Lg Cv7 | ||
| Lg Cv7as | ||
| Lg Dh10 | ||
| Lg Dh15 | ||
| Lg Dh30 | ||
| Lg Dh35 | ||
| Lg Dh40 | ||
| Lg Dh5 | ||
| Lg Dh50 | ||
| Lg G6 | ||
| Lg G7 | ||
| Lg G8 | ||
| Lg K20 | ||
| Lg K30 | ||
| Lg K40 | ||
| Lg K50 | ||
| Lg Q6 | ||
| Lg Q60 | ||
| Lg Q70 | ||
| Lg Q8 | ||
| Lg V20 | ||
| Lg V30 | ||
| Lg V35 | ||
| Lg V40 | ||
| Lg V50 | ||
| Lg V60 | ||
| Lg X Cam | ||
| Lg X300 | ||
| Lg X400 | ||
| Lg X500 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2020-13840?
CVE-2020-13840 is an issue discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 (MTK chipsets) where code execution can occur via an MTK AT command handler buffer overflow.
What is the severity of CVE-2020-13840?
CVE-2020-13840 has a severity rating of 9.8, which is considered critical.
Which LG mobile devices are affected by CVE-2020-13840?
LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 (MTK chipsets) are affected by CVE-2020-13840.
How can code execution occur in CVE-2020-13840?
Code execution can occur in CVE-2020-13840 through an MTK AT command handler buffer overflow.
Is there a fix available for CVE-2020-13840?
It is recommended to update your LG mobile device to the latest available Android OS version to mitigate the risk of code execution via an MTK AT command handler buffer overflow.
- agent/softwarecombine
- agent/type
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/author
- agent/references
- agent/severity
- agent/weakness
- agent/description
- agent/tags
- agent/event
- agent/first-publish-date
- vendor/google
- canonical/google android
- version/google android/7.2
- version/google android/8.0
- version/google android/8.1
- version/google android/9.0
- version/google android/10.0
- vendor/lg
- canonical/lg cv1
- canonical/lg cv1s
- canonical/lg cv3
- canonical/lg cv5
- canonical/lg cv7
- canonical/lg cv7as
- canonical/lg dh10
- canonical/lg dh15
- canonical/lg dh30
- canonical/lg dh35
- canonical/lg dh40
- canonical/lg dh5
- canonical/lg dh50
- canonical/lg g6
- canonical/lg g7
- canonical/lg g8
- canonical/lg k20
- canonical/lg k30
- canonical/lg k40
- canonical/lg k50
- canonical/lg q6
- canonical/lg q60
- canonical/lg q70
- canonical/lg q8
- canonical/lg v20
- canonical/lg v30
- canonical/lg v35
- canonical/lg v40
- canonical/lg v50
- canonical/lg v60
- canonical/lg x cam
- canonical/lg x300
- canonical/lg x400
- canonical/lg x500