본문내용 바로가기 메인메뉴 바로가기 하단내용 바로가기

Security Advisory

Security Advisory Detail
CVE-2020-7807 | DLL Hijacking Vulnerabilities During Installation of LG Electronics Software2020.09.08
□ Overview
o DLL Hijacking Vulnerabilities During Installation of LG Electronics Software
Vulnerability Type Impact Severity CVSS Score CVE ID
Missing Support for Integrity Check Dll Hijacking Medium 5.6 CVE-2020-7807
 
□ Description
o A vulnerability that can hijack a DLL file that is loaded during products(LGPCSuite_Setup, IPSFULLHD, LG_ULTRAWIDE, ULTRA_HD_Driver Setup) installation into a DLL file that the hacker wants.
 
□ Affected Product
Product Version PlatForm
IPSFULLHD, LG_ULTRAWIDE, ULTRA_HD_Driver Setup.exe 10.0.0.3 Windows7, 10(x86, xx64)

□ Affected Product
Product Version PlatForm
LGPCSuite_Setup.exe 10.0.0.9 Windows7, 10(x86, xx64)
 
□ Solution
o Update software over 10.0.0.10 or 1.0.0.4 version
 
□ Reference
https://lgsecurity.lge.com/


□ 작성 : 침해사고분석단 취약점분석팀