CVE-2023-44128

CVSS 3.1 Score 5.0 of 10 (medium)

Details

Published Sep 27, 2023
Updated: Oct 2, 2023
CWE ID 367

Summary

CVE-2023-44128 is a vulnerability that affects the LGInstallService app, specifically the "com.lge.lginstallservies.InstallService" service. The vulnerability allows an attacker to delete arbitrary files by bypassing the security check that performs signature validation after the file deletion method. This vulnerability has a risk score of 5 and a base severity of MEDIUM. It requires user interaction and has a low confidentiality impact. The vulnerability has been assigned CVE ID name CVE-2023-44128 and was reported by product.security@lge.com. The affected products include numerous LG devices such as dVxX2C, lAMRr5, tzDcWF, QtrBNr, and others. To remediate this vulnerability, it is recommended to apply patches or updates provided by LG to address the issue and enhance the security of the affected devices.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-44128 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options