Vulnerability Description
The LG Hidden Menu component for Android on the LG Optimus G E973 allows physically proximate attackers to execute arbitrary commands by entering USB Debugging mode, using Android Debug Bridge (adb) to establish a USB connection, dialing 3845#*973#, modifying the WLAN Test Wi-Fi Ping Test/User Command tcpdump command string, and pressing the CANCEL button.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Android | 4.1.2 | |
| Lg | Optimus G E973 | - |
Related Weaknesses (CWE)
References
- http://seclists.org/fulldisclosure/2013/May/166
- http://www.youtube.com/watch?v=ZfbDIpTY-t4
- https://plus.google.com/110348415484169880343/posts/9KxBtkyuYcj
- http://seclists.org/fulldisclosure/2013/May/166
- http://www.youtube.com/watch?v=ZfbDIpTY-t4
- https://plus.google.com/110348415484169880343/posts/9KxBtkyuYcj
FAQ
What is CVE-2013-3666?
CVE-2013-3666 is a vulnerability with a CVSS score of 7.2 (HIGH). The LG Hidden Menu component for Android on the LG Optimus G E973 allows physically proximate attackers to execute arbitrary commands by entering USB Debugging mode, using Android Debug Bridge (adb) t...
How severe is CVE-2013-3666?
CVE-2013-3666 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-3666?
Check the references section above for vendor advisories and patch information. Affected products include: Google Android, Lg Optimus G E973.