CVE-2023-6320 - Vulnerability Details - OpenCVE

A command injection vulnerability exists in the com.webos.service.connectionmanager/tv/setVlanStaticAddress endpoint on webOS versions 5 and 6. A series of specially crafted requests can lead to command execution as the dbus user. An attacker can make authenticated requests to trigger this vulnerability. Full versions and TV models affected: * webOS 5.5.0 - 04.50.51 running on OLED55CXPUA * webOS 6.3.3-442 (kisscurl-kinglake) - 03.36.50 running on OLED48C1PUB

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Lg	Oled48c1pub Oled55cxpua Webos

Configuration 1 [-]

AND

cpe:2.3:o:lg:webos:5.5.0:*:*:*:*:*:*:*

cpe:2.3:h:lg:oled55cxpua:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:lg:webos:6.3.3-442:*:*:*:*:*:*:*

cpe:2.3:h:lg:oled48c1pub:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://bitdefender.com/blog/labs/vulnerabilities-identified-in-lg-webos/
https://lgsecurity.lge.com/bulletins/tv#updateDetails

History

Fri, 07 Feb 2025 18:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Lg Lg oled48c1pub Lg oled55cxpua Lg webos
CPEs		cpe:2.3:h:lg:oled48c1pub:-:::::::* cpe:2.3:h:lg:oled55cxpua:-:::::::* cpe:2.3:o:lg:webos:5.5.0:::::::* cpe:2.3:o:lg:webos:6.3.3-442:::::::*
Vendors & Products		Lg Lg oled48c1pub Lg oled55cxpua Lg webos

MITRE

Status: PUBLISHED

Assigner: Bitdefender

Published: 2024-04-09T13:43:35.166Z

Updated: 2024-08-02T08:28:21.166Z

Reserved: 2023-11-27T14:22:32.470Z

Link: CVE-2023-6320

Vulnrichment

Updated: 2024-08-02T08:28:21.166Z

NVD

Status : Analyzed

Published: 2024-04-09T14:15:08.287

Modified: 2025-02-07T18:15:18.370

Link: CVE-2023-6320

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-6320", "assignerOrgId": "b3d5ebe7-963e-41fb-98e1-2edaeabb8f82", "state": "PUBLISHED", "assignerShortName": "Bitdefender", "dateReserved": "2023-11-27T14:22:32.470Z", "datePublished": "2024-04-09T13:43:35.166Z", "dateUpdated": "2024-08-02T08:28:21.166Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "webOS", "vendor": "LG", "versions": [{"status": "affected", "version": "5.5.0"}, {"status": "affected", "version": "6.3.3-442"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Alexandru Laz\u0103r of Bitdefender Labs"}], "datePublic": "2024-04-09T11:32:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>A command injection vulnerability exists in the <b>com.webos.service.connectionmanager/tv/setVlanStaticAddress </b>endpoint on webOS versions 5 and 6. A series of specially crafted requests can lead to command execution as the <i>dbus </i>user. An attacker can make authenticated requests to trigger this vulnerability.</p>Full versions and TV models affected:<br><ul><li>webOS 5.5.0 - 04.50.51 running on OLED55CXPUA <br></li><li>webOS 6.3.3-442 (kisscurl-kinglake) - 03.36.50 running on OLED48C1PUB<br></li></ul>"}], "value": "A command injection vulnerability exists in the com.webos.service.connectionmanager/tv/setVlanStaticAddress endpoint on webOS versions 5 and 6. A series of specially crafted requests can lead to command execution as the dbus user. An attacker can make authenticated requests to trigger this vulnerability.\n\nFull versions and TV models affected:\n * webOS 5.5.0 - 04.50.51 running on OLED55CXPUA\u00a0\n\n * webOS 6.3.3-442 (kisscurl-kinglake) - 03.36.50 running on OLED48C1PUB\n\n"}], "impacts": [{"capecId": "CAPEC-88", "descriptions": [{"lang": "en", "value": "CAPEC-88 OS Command Injection"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-78", "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "b3d5ebe7-963e-41fb-98e1-2edaeabb8f82", "shortName": "Bitdefender", "dateUpdated": "2024-04-18T07:35:31.817Z"}, "references": [{"url": "https://bitdefender.com/blog/labs/vulnerabilities-identified-in-lg-webos/"}, {"tags": ["vendor-advisory"], "url": "https://lgsecurity.lge.com/bulletins/tv#updateDetails"}], "source": {"discovery": "UNKNOWN"}, "title": "Command injection in the com.webos.service.connectionmanager/tv/setVlanStaticAddress endpoint", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"affected": [{"vendor": "lg", "product": "webos", "cpes": ["cpe:2.3:a:lg:webos:5.5.0:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "5.5.0", "status": "affected"}]}, {"vendor": "lg", "product": "webos", "cpes": ["cpe:2.3:a:lg:webos:6.3.3-442:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "6.3.3-442", "status": "affected"}]}, {"vendor": "lg", "product": "webos", "cpes": ["cpe:2.3:a:lg:webos:7.3.1-43:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "7.3.1-43", "status": "affected"}]}, {"vendor": "lg", "product": "webos", "cpes": ["cpe:2.3:a:lg:webos:4.9.7:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "4.9.7", "status": "affected"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-04-10T17:10:05.186742Z", "id": "CVE-2023-6320", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-20T15:40:09.500Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T08:28:21.166Z"}, "title": "CVE Program Container", "references": [{"url": "https://bitdefender.com/blog/labs/vulnerabilities-identified-in-lg-webos/", "tags": ["x_transferred"]}, {"tags": ["vendor-advisory", "x_transferred"], "url": "https://lgsecurity.lge.com/bulletins/tv#updateDetails"}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://bitdefender.com/blog/labs/vulnerabilities-identified-in-lg-webos/", "tags": ["x_transferred"]}, {"url": "https://lgsecurity.lge.com/bulletins/tv#updateDetails", "tags": ["vendor-advisory", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T08:28:21.166Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-6320", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-04-10T17:10:05.186742Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:lg:webos:5.5.0:*:*:*:*:*:*:*"], "vendor": "lg", "product": "webos", "versions": [{"status": "affected", "version": "5.5.0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:lg:webos:6.3.3-442:*:*:*:*:*:*:*"], "vendor": "lg", "product": "webos", "versions": [{"status": "affected", "version": "6.3.3-442"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:lg:webos:7.3.1-43:*:*:*:*:*:*:*"], "vendor": "lg", "product": "webos", "versions": [{"status": "affected", "version": "7.3.1-43"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:lg:webos:4.9.7:*:*:*:*:*:*:*"], "vendor": "lg", "product": "webos", "versions": [{"status": "affected", "version": "4.9.7"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-20T15:39:49.377Z"}}], "cna": {"title": "Command injection in the com.webos.service.connectionmanager/tv/setVlanStaticAddress endpoint", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "Alexandru Laz\u0103r of Bitdefender Labs"}], "impacts": [{"capecId": "CAPEC-88", "descriptions": [{"lang": "en", "value": "CAPEC-88 OS Command Injection"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 9.1, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "LG", "product": "webOS", "versions": [{"status": "affected", "version": "5.5.0"}, {"status": "affected", "version": "6.3.3-442"}], "defaultStatus": "unaffected"}], "datePublic": "2024-04-09T11:32:00.000Z", "references": [{"url": "https://bitdefender.com/blog/labs/vulnerabilities-identified-in-lg-webos/"}, {"url": "https://lgsecurity.lge.com/bulletins/tv#updateDetails", "tags": ["vendor-advisory"]}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "A command injection vulnerability exists in the com.webos.service.connectionmanager/tv/setVlanStaticAddress endpoint on webOS versions 5 and 6. A series of specially crafted requests can lead to command execution as the dbus user. An attacker can make authenticated requests to trigger this vulnerability.\n\nFull versions and TV models affected:\n * webOS 5.5.0 - 04.50.51 running on OLED55CXPUA\u00a0\n\n * webOS 6.3.3-442 (kisscurl-kinglake) - 03.36.50 running on OLED48C1PUB\n\n", "supportingMedia": [{"type": "text/html", "value": "<p>A command injection vulnerability exists in the <b>com.webos.service.connectionmanager/tv/setVlanStaticAddress </b>endpoint on webOS versions 5 and 6. A series of specially crafted requests can lead to command execution as the <i>dbus </i>user. An attacker can make authenticated requests to trigger this vulnerability.</p>Full versions and TV models affected:<br><ul><li>webOS 5.5.0 - 04.50.51 running on OLED55CXPUA <br></li><li>webOS 6.3.3-442 (kisscurl-kinglake) - 03.36.50 running on OLED48C1PUB<br></li></ul>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-78", "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')"}]}], "providerMetadata": {"orgId": "b3d5ebe7-963e-41fb-98e1-2edaeabb8f82", "shortName": "Bitdefender", "dateUpdated": "2024-04-18T07:35:31.817Z"}}}, "cveMetadata": {"cveId": "CVE-2023-6320", "state": "PUBLISHED", "dateUpdated": "2024-08-02T08:28:21.166Z", "dateReserved": "2023-11-27T14:22:32.470Z", "assignerOrgId": "b3d5ebe7-963e-41fb-98e1-2edaeabb8f82", "datePublished": "2024-04-09T13:43:35.166Z", "assignerShortName": "Bitdefender"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lg:webos:5.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "60222A18-12F9-4A88-8F06-FB7C5EC8B453", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lg:oled55cxpua:-:*:*:*:*:*:*:*", "matchCriteriaId": "8735748A-192A-4CBD-A596-1604940B9F3D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:lg:webos:6.3.3-442:*:*:*:*:*:*:*", "matchCriteriaId": "E5BAD119-46CA-4E42-9976-CE33CBBFE00A", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:lg:oled48c1pub:-:*:*:*:*:*:*:*", "matchCriteriaId": "6CD5B994-8D07-49D5-967C-9C7DFD9DABFD", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A command injection vulnerability exists in the com.webos.service.connectionmanager/tv/setVlanStaticAddress endpoint on webOS versions 5 and 6. A series of specially crafted requests can lead to command execution as the dbus user. An attacker can make authenticated requests to trigger this vulnerability.\n\nFull versions and TV models affected:\n * webOS 5.5.0 - 04.50.51 running on OLED55CXPUA\u00a0\n\n * webOS 6.3.3-442 (kisscurl-kinglake) - 03.36.50 running on OLED48C1PUB\n\n"}, {"lang": "es", "value": "Existe una vulnerabilidad de inyecci\u00f3n de comandos en el endpoint com.webos.service.connectionmanager/tv/setVlanStaticAddress en las versiones 5 y 6 de webOS. Una serie de solicitudes especialmente manipuladas pueden conducir a la ejecuci\u00f3n de comandos como usuario de dbus. Un atacante puede realizar solicitudes autenticadas para desencadenar esta vulnerabilidad. Versiones completas y modelos de TV afectados: * webOS 5.5.0 - 04.50.51 ejecut\u00e1ndose en OLED55CXPUA * webOS 6.3.3-442 (kisscurl-kinglake) - 03.36.50 ejecut\u00e1ndose en OLED48C1PUB"}], "id": "CVE-2023-6320", "lastModified": "2025-02-07T18:15:18.370", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 6.0, "source": "cve-requests@bitdefender.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-04-09T14:15:08.287", "references": [{"source": "cve-requests@bitdefender.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://bitdefender.com/blog/labs/vulnerabilities-identified-in-lg-webos/"}, {"source": "cve-requests@bitdefender.com", "tags": ["Vendor Advisory"], "url": "https://lgsecurity.lge.com/bulletins/tv#updateDetails"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://bitdefender.com/blog/labs/vulnerabilities-identified-in-lg-webos/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://lgsecurity.lge.com/bulletins/tv#updateDetails"}], "sourceIdentifier": "cve-requests@bitdefender.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}], "source": "cve-requests@bitdefender.com", "type": "Secondary"}]}