CVE-2020-12753

CRITICAL

LG Android 7.2-10 - Arbitrary Code Execution via EL1/EL3 Coldboot Vulnerability

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2020-12753. PoCs published by shinyquagsire23.

AI-analyzed exploit summary This PoC exploits CVE-2020-12753, a vulnerability in the LG Stylo 4's SBL1/aboot component, allowing arbitrary code execution in Secure EL3. The exploit crafts a modified raw_resources partition to inject a ROP payload, tested on firmware updates 20a and 20c.

Description

An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 software. Arbitrary code execution can occur via the bootloader because of an EL1/EL3 coldboot vulnerability involving raw_resources. The LG ID is LVE-SMP-200006 (May 2020).

Exploits (1)

nomisec WORKING POC 45 stars
by shinyquagsire23 · poc
https://github.com/shinyquagsire23/CVE-2020-12753-PoC

This PoC exploits CVE-2020-12753, a vulnerability in the LG Stylo 4's SBL1/aboot component, allowing arbitrary code execution in Secure EL3. The exploit crafts a modified raw_resources partition to inject a ROP payload, tested on firmware updates 20a and 20c.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Complex
Reliability
Reliable
Target: LG Stylo 4 (AMZ/Q710ULM) with SBL1 variant, firmware updates 20a and 20c
No auth needed
Prerequisites: Physical access or root access to flash the modified partition · Target device running vulnerable firmware (20a or 20c)
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Vendor Advisory x_refsource_confirm
https://lgsecurity.lge.com/

Scores

CVSS v3 9.8
EPSS 0.0247
EPSS Percentile 82.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-787
Status published
Products (5)
google/android 7.2
google/android 8.0
google/android 8.1
google/android 9.0
google/android 10.0
Published May 11, 2020
Tracked Since Feb 18, 2026