CVE-2019-8372

low-risk
Published 2019-02-18

The LHA.sys driver before 1.1.1811.2101 in LG Device Manager exposes functionality that allows low-privileged users to read and write arbitrary physical memory via specially crafted IOCTL requests and elevate system privileges. This occurs because the device object has an associated symbolic link and an open DACL.

Do I need to act?

-
0.18% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.0/10 High
LOCAL / HIGH complexity

Affected Products (1)

Lha.Sys

Affected Vendors

Lg

References (6)

Exploit http://www.jackson-t.ca/lg-driver-lpe.html
Vendor Advisory https://lgsecurity.lge.com/security_updates.html
Third Party Advisory https://twitter.com/Jackson_T/status/1097353402034475009
Exploit http://www.jackson-t.ca/lg-driver-lpe.html
Vendor Advisory https://lgsecurity.lge.com/security_updates.html
Third Party Advisory https://twitter.com/Jackson_T/status/1097353402034475009
24
/ 100
low-risk
Severity 18/34 · Moderate
Exploitability 1/34 · Minimal
Exposure 5/34 · Minimal