CVE-2019-20780

CRITICAL

Google Android - Uncontrolled Search Path

Title source: rule

Description

An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, and 8.1 software. Certain security settings, related to whether packages are verified and accepted only from known sources, are mishandled. The LG ID is LVE-SMP-190002 (April 2019).

References (1)

[Vendor Advisory] https://lgsecurity.lge.com/

Scores

CVSS v3 9.8

EPSS 0.0015

EPSS Percentile 34.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Classification

CWE

CWE-427

Status published

Affected Products (5)

google/android

Timeline

Published Apr 17, 2020

Tracked Since Feb 18, 2026