CVE-2020-9759

high

Description

A Vulnerability of LG Electronic web OS TV Emulator could allow an attacker to escalate privileges and overwrite certain files. This vulnerability is due to wrong environment setting. An attacker could exploit this vulnerability through crafted configuration files and executable files.

References

https://lists.debian.org/debian-lts-announce/2021/09/msg00018.html

https://blog.recurity-labs.com/2021-02-03/webOS_Pt1.html

Details

Source: Mitre, NVD

Published: 2020-03-23

Updated: 2022-04-22

Risk Information

CVSS v2

Base Score: 9.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Severity: High