Site icon Check Point Blog

Security flaw in LG devices allows malware to root a device

A new vulnerability exploiting LG Android devices was published just yesterday at the XDA conference in Florida, Miami.  The vulnerability exists on various LG devices, including the flagship LG Optimus G, on a number of Android versions, 4.0 and 4.1. The flaw is a Privilege Escalation vulnerability that exists in an LG specific service added to the Android OS used to install/uninstall applications on the device.

Proof of concept exploit that utilizes the vulnerability was released in the wild and can be found here

What are the attack methods?

What are the consequences of such an attack?

An attacker exploiting the vulnerability is capable of:

Unfortunately, no patch was released yet by the vendors so these affected devices are still vulnerable. Further, no AntiVirus or MDM solutions for Android can detect the use of this vulnerability from a malicious application or other means.

What are the affected devices?

Technical Overview

The LG Install Services service available on a number of LG devices can be exploited to install and uninstall applications without user consent. Additionally, applications can be “promoted” as system applications giving them the ability to request special system privileges. By patching the dalvik cache, code can be run as the system user allowing access to any android application user data and gain almost complete control on the device.

Suggestions for minimizing the threat exposure

Additional Information

XDA Forum
Lacoon Customer Advisory – Security flaw in LG Devices

Exit mobile version