CVE-2020-9759
MEDIUMLG webOS - Privilege Escalation and Arbitrary File Write via Environment Variable Manipulation
Title source: llmDescription
A Vulnerability of LG Electronic web OS TV Emulator could allow an attacker to escalate privileges and overwrite certain files. This vulnerability is due to wrong environment setting. An attacker could exploit this vulnerability through crafted configuration files and executable files.
References (2)
Core 2
Core References
Exploit, Third Party Advisory x_refsource_confirm
https://blog.recurity-labs.com/2021-02-03/webOS_Pt1.html
Mailing List, Not Applicable, Third Party Advisory mailing-list
x_refsource_mlist
https://lists.debian.org/debian-lts-announce/2021/09/msg00018.html
Scores
CVSS v3
4.6
EPSS
0.0049
EPSS Percentile
37.9%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Details
CWE
CWE-494
Status
published
Products (1)
lg/webos
Published
Mar 23, 2020
Tracked Since
Feb 18, 2026