CVE-2019-20780

CRITICAL

LG Android 7.0-8.1 - Uncontrolled Search Path Element

Title source: llm

Description

An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, and 8.1 software. Certain security settings, related to whether packages are verified and accepted only from known sources, are mishandled. The LG ID is LVE-SMP-190002 (April 2019).

References (1)

Core 1

Core References

Vendor Advisory x_refsource_confirm

https://lgsecurity.lge.com/

Scores

CVSS v3 9.8

EPSS 0.0045

EPSS Percentile 35.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-427

Status published

Products (5)

google/android 7.0

google/android 7.1

google/android 7.2

google/android 8.0

google/android 8.1

Published Apr 17, 2020

Tracked Since Feb 18, 2026