Last month, LG developers released the security update LVE-SMP-200006 and fixed a vulnerability that affected all of the company's Android smartphones sold over the past seven years.
The issue was assigned the identifier CVE-2020-12753, and it relates to the bootloader that ships with LG smartphones.
In March of this year, American developer Max Thomas discovered this vulnerability in the bootloader. The researcher writes that this bootloader has been included in LG smartphones starting with the LG Nexus 5 series.
It turned out that the bootloader graphics package contains an error that allows attackers to inject their own code along with graphics under certain conditions (for example, when the battery is running low or the device is in Download Mode).
A demonstration of the attack can be seen below.
This vulnerability affects all LG smartphones using QSEE (Qualcomm Secure Execution Environment) with firmware EL1 or EL3, as well as all LG devices running Android 7.2 and later.
Note that CVE-2020-12753 is, in fact, a cold boot attack: it can only be exploited by someone who has physical access to the target device and is connected to it.
The PoC exploit created by Thomas, which the specialist used to compromise the bootloader on the LG Stylo 4 smartphone, is already available on GitHub.