VYPR

com.lge.abba

by LGE

CVEs (1)

  • CVE-2023-44125MedSep 27, 2023
    risk 0.40cvss 6.1epss 0.00

    The vulnerability is the use of implicit PendingIntents without the PendingIntent.FLAG_IMMUTABLE set that leads to theft and/or (over-)write of arbitrary files with system privilege in the Personalized service ("com.lge.abba") app. The attacker's app, if it had access to app…