CVE-2020-7807

A vulnerability that can hijack a DLL file that is loaded during products(LGPCSuite_Setup, IPSFULLHD, LG_ULTRAWIDE, ULTRA_HD_Driver Setup) installation into a DLL file that the hacker wants. Missing Support for Integrity Check vulnerability in ____COMPONENT____ of LG Electronics (LGPCSuite_Setup), (IPSFULLHD, LG_ULTRAWIDE, ULTRA_HD_Driver Setup) allows ____ATTACKER/ATTACK____ to cause ____IMPACT____. This issue affects: LG Electronics; LGPCSuite_Setup : 1.0.0.3 on Windows(x86, x64); IPSFULLHD, LG_ULTRAWIDE, ULTRA_HD_Driver Setup : 1.0.0.9 on Windows(x86, x64).
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:lg:ipsfullhd:1.0.0.3:*:*:*:*:*:*:*
cpe:2.3:a:lg:lg_ultrawide:1.0.0.3:*:*:*:*:*:*:*
cpe:2.3:a:lg:lgpcsuite_setup:1.0.0.9:*:*:*:*:*:*:*
cpe:2.3:a:lg:ultra_hd_driver_setup:1.0.0.3:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

History

21 Nov 2024, 05:37

Type Values Removed Values Added
CVSS v2 : 1.9
v3 : 5.5
v2 : 1.9
v3 : 5.6
References () https://lgsecurity.lge.com/ - Vendor Advisory () https://lgsecurity.lge.com/ - Vendor Advisory
References () https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35587 - Third Party Advisory () https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35587 - Third Party Advisory

Information

Published : 2020-09-14 12:15

Updated : 2024-11-21 05:37


NVD link : CVE-2020-7807

Mitre link : CVE-2020-7807

CVE.ORG link : CVE-2020-7807


JSON object : View

Products Affected

lg

  • lgpcsuite_setup
  • ultra_hd_driver_setup
  • lg_ultrawide
  • ipsfullhd

microsoft

  • windows
CWE
CWE-353

Missing Support for Integrity Check

CWE-354

Improper Validation of Integrity Check Value