{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-12T17:09:38.672","vulnerabilities":[{"cve":{"id":"CVE-2023-44129","sourceIdentifier":"product.security@lge.com","published":"2023-09-27T15:19:37.350","lastModified":"2024-11-21T08:25:18.383","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The vulnerability is that the Messaging (\"com.android.mms\") app patched by LG forwards attacker-controlled intents back to the attacker in the exported \"com.android.mms.ui.QClipIntentReceiverActivity\" activity. The attacker can abuse this functionality by launching this activity and then sending a broadcast with the \"com.lge.message.action.QCLIP\" action. The attacker can send, e.g., their own data/clipdata and set Intent.FLAG_GRANT_* flags. After the attacker received that intent in the \"onActivityResult()\" method, they would have access to arbitrary content providers that have the `android:grantUriPermissions=\"true\"` flag set."},{"lang":"es","value":"La vulnerabilidad es que la aplicación de mensajería (\"com.android.mms\") parcheada por LG reenvía intentos controlados por el atacante en la actividad \"com.android.mms.ui.QClipIntentReceiverActivity\" exportada. El atacante puede abusar de esta funcionalidad iniciando esta actividad y luego enviando una transmisión con la acción \"com.lge.message.action.QCLIP\". El atacante puede enviar, por ejemplo, sus propios datos/clipdata y establecer indicadores Intent.FLAG_GRANT_*. Después de que el atacante recibiera esa intención en el método \"onActivityResult()\", tendría acceso a proveedores de contenido arbitrarios que tengan configurado el indicador `android:grantUriPermissions=\"true\"`."}],"metrics":{"cvssMetricV31":[{"source":"product.security@lge.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N","baseScore":3.6,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","baseScore":3.3,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":1.4}]},"weaknesses":[{"source":"product.security@lge.com","type":"Secondary","description":[{"lang":"en","value":"CWE-926"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:google:android:*:*:*:*:*:*:*:*","versionStartIncluding":"12.0","versionEndIncluding":"13.0","matchCriteriaId":"F5E2EE3E-FD6F-4D27-871A-EE468B136DA0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:lg:v60_thin_q_5g:-:*:*:*:*:*:*:*","matchCriteriaId":"85B3B7D2-762E-4DD5-90F9-5246907748C4"}]}]}],"references":[{"url":"https://lgsecurity.lge.com/bulletins/mobile#updateDetails","source":"product.security@lge.com","tags":["Vendor Advisory"]},{"url":"https://lgsecurity.lge.com/bulletins/mobile#updateDetails","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}