LG Patches Bootloader Security Exploit Impacting All Of Its Phones Dating Back 7 Years
LG released a security update last month that addresses a vulnerability that impacted a massive number of its smartphones. The security flaw, tracked as CVE-2020-12753, affected every single smartphone that LG made over the last seven years. The vulnerability was in the bootloader component that shipped with the LG devices.
Bootloaders are software components that are specific to each smartphone vendor and are the first code that runs inside the smartphone when a user turns the device on. Bootloaders are intended to ensure that the smartphone firmware and Android operating system start correctly and securely. LG's vulnerability was discovered by a U.S. security researcher, Max Thomas, in March 2020.
The vulnerability he discovered impacted the bootloader component in LG's smartphones, starting with the LG Nexus 5 series. A technical breakdown of the vulnerability was published this week, in which the researcher noted that the bootloader graphics package had a bug that allowed attackers to slip their own code in to run alongside the bootloader's graphics in certain circumstances. Thomas pointed out two situations in which attackers had the chance to take advantage of the flaw: when the battery dies and when the bootloader's Download Mode is active.
Any attack that aimed to take advantage of that vulnerability would have to be perfectly timed, according to Thomas. If the attacker could time the attack perfectly, they would be able to run their own custom code, potentially allowing them to take over the bootloader and the entire device. The video above shows the CVE-2020-12753 vulnerability being taken advantage of. The only way an attacker could take advantage of this flaw would be to have physical access to the smartphone. The vulnerability was particularly concerning because it could give complete access to a lost or stolen smartphone.
All LG smartphones using the Qualcomm Secure Execution Environment (QSEE) chips on EL1 or EL3 runtime firmware, and all LG devices running Android 7.2 or later, were vulnerable to the attack. LG's patch to mitigate the flaw was released in early May. So if you recently grabbed the LG G8 ThinQ that saw its price reduced this week, it will likely need to be patched right out of the box.