CVE-2020-25283

CRITICAL

LG Android 8.0-10 - Missing Authorization in BT Manager

Title source: llm
STIX 2.1

Description

An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, 9.0, and 10 software. BT manager allows attackers to bypass intended access restrictions on a certain mode. The LG ID is LVE-SMP-200021 (September 2020).

References (1)

Core 1
Core References
Vendor Advisory x_refsource_misc
https://lgsecurity.lge.com/

Scores

CVSS v3 9.8
EPSS 0.0046
EPSS Percentile 37.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-862
Status published
Products (4)
google/android 8.0
google/android 8.1
google/android 9.0
google/android 10.0
Published Sep 11, 2020
Tracked Since Feb 18, 2026