LG Fixes Vulnerability That Affected Millions Of G3 DevicesBy cheatmaster 09:25 Fri, 30 Jul 2021 Comments
LG has fixed a vulnerability in its G3 smartphone that researchers assumed could potentially allow an attacker to remotely steal sensitive data saved on the device's SD Card. An estimated 10 million G3 units are assumed to be vulnerable.
The vulnerability is in an app called Smart Notice, which comes pre-installed on recent LG G3 devices, and can be thought of as a scaled down version of Google Now, delivering you relevant information before you need it.
The problem is that the app doesn't validate the data it handles, potentially allowing attackers to execute malicious code by manipulating the information it ferries to the user.
"Using the vulnerability, an attacker can easily open the user device to data theft attack, extracting private information saved on the SD Card including WhatsApp data and private images; put the user in danger of phishing attack by misleading the end-user; and enable the installation of a malicious program on the device," researchers revealed in a blog post.
"We informed LG, which responded quickly to notice of the vulnerability and we encourage users to immediately upgrade their application to recent Smart Notice release, which contains a patch."
Source (registration required) | Via
Please LOGIN or REGISTER To Gain Full Access To This Article