RETIRED: LG On-Screen Phone CVE-2014-8757 Security Bypass Vulnerability

LG On-Screen Phone is prone to a remote security bypass vulnerability.

An attacker can exploit this issue to to bypass certain security restrictions and perform unauthorized actions, which may lead to further attacks.

Information

Bugtraq ID: 72544
Class: Design Error
CVE: CVE-2014-8757

Remote: Yes
Local: No
Published: Feb 09 2015 12:00AM
Updated: Apr 12 2019 05:00PM
Credit: Imre Rad
Vulnerable: LG On-Screen Phone 4.3.9

Not Vulnerable: LG On-Screen Phone 4.3.10

Exploit

Attackers can use readily available tools to exploit this issue.

References:

• LG On-Screen Phone - Homepage (LG)
  
• lg-onscreenphone-cve20148757-sec-bypass (100733) (IBM)
  
• LG On Screen Phone authentication bypass (CVE-2014-8757) (SEARCH-LAB Ltd)
  

Source: www.securityfocus.com