CVE-2023-44123 MEDIUM

CVE-2023-44123: Bluetooth - Theft and (over-)write of arbitrary files with system privilege via PendingIntent hijacking

Vendor: LG Electronics
Product: LG V60 Thin Q 5G(LMV600VM)
Weakness: CWE-285
Published: September 27, 2023
Last update: September 20, 2024

CVSS base score

6.1/10
Attack vector: Local
Attack complexity: Low
Privileges required: None
User interaction: Required
Confidentiality: Low
Integrity: Low

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

What the vulnerability does

01 Description

The Bluetooth ("com.lge.bluetoothsetting") app uses implicit PendingIntents with PendingIntent.FLAG_MUTABLE set, which leads to theft and/or (over-)write of arbitrary files with system privilege. An attacker's app that has access to app notifications could intercept them and redirect them to its own activity, and then make it grant access permissions to content providers declared with the `android:grantUriPermissions="true"` flag.
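The pattern named in the description next to a hardened form, as an added example (not LG's code and not part of the CVE record). The class, method and action names are hypothetical, and the target activity is passed in as a parameter.

```java
import android.app.Activity;
import android.app.PendingIntent;
import android.content.Context;
import android.content.Intent;

/** Added illustration; every name in this class is hypothetical. */
public final class NotificationIntents {
    // Constructed action string, used only for this example.
    private static final String ACTION_OPEN = "com.example.action.OPEN_TRANSFER";

    private NotificationIntents() {}

    /**
     * Weak pattern: the base Intent names only an action (implicit), and
     * FLAG_MUTABLE lets whoever receives the PendingIntent fill in the
     * fields left unset before it is sent under the creator's identity.
     */
    static PendingIntent vulnerable(Context ctx) {
        Intent base = new Intent(ACTION_OPEN); // no component, no package
        return PendingIntent.getActivity(ctx, 0, base,
                PendingIntent.FLAG_UPDATE_CURRENT | PendingIntent.FLAG_MUTABLE);
    }

    /**
     * Hardened pattern: the base Intent is explicit (component fixed to an
     * activity of the creating app) and FLAG_IMMUTABLE rejects any fill-in
     * from the code that later sends the PendingIntent.
     */
    static PendingIntent hardened(Context ctx, Class<? extends Activity> target) {
        Intent base = new Intent(ctx, target); // explicit component
        base.setAction(ACTION_OPEN);
        return PendingIntent.getActivity(ctx, 0, base,
                PendingIntent.FLAG_UPDATE_CURRENT | PendingIntent.FLAG_IMMUTABLE);
    }
}
```

Where a PendingIntent genuinely has to stay mutable, keeping the base Intent explicit still prevents the recipient from choosing where it is delivered.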

Key dates

02 Disclosure timeline

September 27, 2023: CVE published
September 20, 2024: Record updated