CVE-2020-28345 : What You Need to Know

An issue was discovered on LG mobile devices with Android OS 10 software where the Wi-Fi subsystem may crash due to a lack of a NULL parameter check.

Understanding CVE-2020-28345

This CVE identifies a vulnerability in LG mobile devices running Android OS 10 that can lead to a Wi-Fi subsystem crash.

What is CVE-2020-28345?

The vulnerability in LG mobile devices with Android OS 10 can be exploited due to a missing NULL parameter check, potentially causing the Wi-Fi subsystem to crash.

The Impact of CVE-2020-28345

The impact of this vulnerability is the potential for a denial of service (DoS) condition on affected LG mobile devices, resulting from a Wi-Fi subsystem crash.

Technical Details of CVE-2020-28345

This section provides technical details about the vulnerability.

Vulnerability Description

The vulnerability arises from the absence of a NULL parameter check in the Wi-Fi subsystem of LG mobile devices with Android OS 10.

Affected Systems and Versions

Affected System: LG mobile devices
Affected OS Version: Android OS 10

Exploitation Mechanism

Exploiting this vulnerability involves sending specially crafted requests to the Wi-Fi subsystem, triggering the lack of a NULL parameter check and potentially causing a crash.

Mitigation and Prevention

To address CVE-2020-28345, follow these mitigation steps:

Immediate Steps to Take

Update LG mobile devices to the latest software version that includes a patch for this vulnerability.
Avoid connecting to untrusted Wi-Fi networks to minimize the risk of exploitation.

Long-Term Security Practices

Regularly update all software and firmware on LG devices to ensure the latest security patches are applied.
Implement network segmentation to isolate Wi-Fi subsystems from critical systems.

Patching and Updates

LG has likely released a patch addressing this vulnerability. Ensure all devices are updated with the latest software version to mitigate the risk of exploitation.