What is CVE-2020-7807?

CVE-2020-7807 is a vulnerability that can hijack a DLL file that is loaded during the installation of LGPCSuite_Setup, IPSFULLHD, LG_ULTRAWIDE, and ULTRA_HD_Driver Setup products.

How does CVE-2020-7807 work?

CVE-2020-7807 allows a hacker to hijack a DLL file during product installation and replace it with a malicious DLL file of their choice.

Which software versions are affected by CVE-2020-7807?

CVE-2020-7807 affects LGPCSuite_Setup version 1.0.0.9, IPSFULLHD version 1.0.0.3, LG_ULTRAWIDE version 1.0.0.3, and ULTRA_HD_Driver Setup version 1.0.0.3.

What is the severity level of CVE-2020-7807?

CVE-2020-7807 has a severity level of 5.5, which is considered medium.

How can I fix CVE-2020-7807?

To fix CVE-2020-7807, it is recommended to update the affected software versions to the latest patched versions provided by LG Electronics.

Vulnerability/
CVE-2020-7807

medium

5.6

CWE

354 353

14/9/2020

4/8/2024

CVE-2020-7807: DLL Hijacking Vulnerabilities During Installation of LG Electronics Software

First published: Mon Sep 14 2020(Updated: )

A vulnerability that can hijack a DLL file that is loaded during products(LGPCSuite_Setup, IPSFULLHD, LG_ULTRAWIDE, ULTRA_HD_Driver Setup) installation into a DLL file that the hacker wants. Missing Support for Integrity Check vulnerability in ____COMPONENT____ of LG Electronics (LGPCSuite_Setup), (IPSFULLHD, LG_ULTRAWIDE, ULTRA_HD_Driver Setup) allows ____ATTACKER/ATTACK____ to cause ____IMPACT____. This issue affects: LG Electronics; LGPCSuite_Setup : 1.0.0.3 on Windows(x86, x64); IPSFULLHD, LG_ULTRAWIDE, ULTRA_HD_Driver Setup : 1.0.0.9 on Windows(x86, x64).

Credit: vuln@krcert.or.kr

Affected Software	Affected Version	How to fix
Lg Ipsfullhd	=1.0.0.3
Lg Lg Ultrawide	=1.0.0.3
Lg Lgpcsuite Setup	=1.0.0.9
Lg Ultra Hd Driver Setup	=1.0.0.3
Microsoft Windows

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is CVE-2020-7807?
CVE-2020-7807 is a vulnerability that can hijack a DLL file that is loaded during the installation of LGPCSuite_Setup, IPSFULLHD, LG_ULTRAWIDE, and ULTRA_HD_Driver Setup products.
How does CVE-2020-7807 work?
CVE-2020-7807 allows a hacker to hijack a DLL file during product installation and replace it with a malicious DLL file of their choice.
Which software versions are affected by CVE-2020-7807?
CVE-2020-7807 affects LGPCSuite_Setup version 1.0.0.9, IPSFULLHD version 1.0.0.3, LG_ULTRAWIDE version 1.0.0.3, and ULTRA_HD_Driver Setup version 1.0.0.3.
What is the severity level of CVE-2020-7807?
CVE-2020-7807 has a severity level of 5.5, which is considered medium.
How can I fix CVE-2020-7807?
To fix CVE-2020-7807, it is recommended to update the affected software versions to the latest patched versions provided by LG Electronics.

collector/nvd-index
agent/weakness
agent/references
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/author
agent/severity
agent/title
agent/tags
agent/first-publish-date
agent/event
agent/description
vendor/lg
canonical/lg ipsfullhd
version/lg ipsfullhd/1.0.0.3
canonical/lg lg ultrawide
version/lg lg ultrawide/1.0.0.3
canonical/lg lgpcsuite setup
version/lg lgpcsuite setup/1.0.0.9
canonical/lg ultra hd driver setup
version/lg ultra hd driver setup/1.0.0.3
vendor/microsoft
canonical/microsoft windows

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.