CVE-2013-3666
Description
The LG Hidden Menu component for Android on the LG Optimus G E973 allows physically proximate attackers to execute arbitrary commands by entering USB Debugging mode, using Android Debug Bridge (adb) to establish a USB connection, dialing 3845#*973#, modifying the WLAN Test Wi-Fi Ping Test/User Command tcpdump command string, and pressing the CANCEL button.
Predictions
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
No mitigations published for this CVE yet.
The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or โ if you've already worked around this in production โ publish your fix to the community-verified tier.
โ Propose a mitigation on Community โ Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here withsource_tier=community-verified.
References
- http://seclists.org/fulldisclosure/2013/May/166
- http://www.youtube.com/watch?v=ZfbDIpTY-t4
- https://plus.google.com/110348415484169880343/posts/9KxBtkyuYcj
- http://seclists.org/fulldisclosure/2013/May/166
- http://www.youtube.com/watch?v=ZfbDIpTY-t4
- https://plus.google.com/110348415484169880343/posts/9KxBtkyuYcj
CWEs
CWE-264
Community-verified mitigations for this CVE will appear above when contributors publish them.
Verify integrity in audit chain (admin only). AS-IS.