Incorrect Provision of Specified Functionality

CVE-2022-23728

Medium

6.1/10

Summary

Attacker can reset the device with AT Command in the process of rebooting the device. The LG ID is LVE-SMP-210011.

Attack Complexity: LOW
Attack Vector: PHYSICAL
Integrity Impact: HIGH
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: NONE
Confidentiality Impact: NONE
Availability Impact: HIGH

CWE-684 - Incorrect Provision of Specified Functionality

The code does not function according to its published specifications, potentially leading to incorrect usage.

References

Advisory Timeline

Published Jan 21, 2022