CONFERENCE On Demand: Cyber AI & Automation Summit - Watch Now
Connect with us

Hi, what are you looking for?


Mobile & Wireless

Flaw Allows Hackers to Modify Texts on LG Smartphones

LG has released fixes for two serious vulnerabilities affecting the company’s Android smartphones, including a flaw that can be exploited remotely to delete and modify text messages.

LG has released fixes for two serious vulnerabilities affecting the company’s Android smartphones, including a flaw that can be exploited remotely to delete and modify text messages.

The vulnerabilities were discovered by researchers at security firm Check Point, who disclosed the issues after the vendor developed patches. It’s worth noting that LG is estimated to have a share of nearly 10 percent in the U.S. smartphone market.

Google releases security updates for Android every month, but since each original equipment manufacturer (OEM) makes its own modifications to the operating system, some vulnerabilities are specific to their devices.

According to Check Point researchers, LG smartphones are plagued by two serious flaws. One of them, an issue that can be exploited locally, is related to a privileged LG service named “LGATCMDService.”

Since this service is not protected by a bind permission, any app, regardless of its permissions or origin, can communicate with it. This allows attackers to connect to it and perform various actions, including reading and overwriting the IMEI and MAC address, rebooting the device, disabling a USB connection, wiping the device, and even bricking it completely.

The vulnerability, tracked as CVE-2016-3117, could be highly useful for a piece of ransomware.

“Ransomware would find these features very useful by locking a user out of a device and then disabling the ability to retrieve files by connecting the device with a computer via USB,” said Check Point researchers.

The second flaw found by experts, tracked as CVE-2016-2035, is related to LG’s implementation of WAP Push, a protocol used for text messages that contain links to websites.

Advertisement. Scroll to continue reading.

The protocol, designed for use by mobile carriers, is affected by a SQL injection vulnerability. Since the WAP Push protocol includes features for updating and deleting text messages, a remote attacker can exploit the flaw to delete or modify any message from the targeted smartphone.

“A potential attacker could use this vulnerability to conduct credential theft or to fool a user into installing a malicious app. The attacker could modify a user’s unread SMS messages and add a malicious URL to redirect the user to download a malicious app or to a fake overlay to steal credentials,” explained Check Point researchers.

Related: Vulnerability in Mobile Networks Allows Easy Phone Tracking

Related: LG Patches Severe Smartphone Hijack Vulnerability

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join us as we delve into the transformative potential of AI, predictive ChatGPT-like tools and automation to detect and defend against cyberattacks.


As cybersecurity breaches and incidents escalate, the cyber insurance ecosystem is undergoing rapid and transformational change.


Expert Insights

Related Content

Mobile & Wireless

Infonetics Research has shared excerpts from its Mobile Device Security Client Software market size and forecasts report, which tracks enterprise and consumer security client...

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Mobile & Wireless

Samsung smartphone users warned about CVE-2023-21492, an ASLR bypass vulnerability exploited in the wild, likely by a spyware vendor.

Mobile & Wireless

Critical security flaws expose Samsung’s Exynos modems to “Internet-to-baseband remote code execution” attacks with no user interaction. Project Zero says an attacker only needs...

Mobile & Wireless

Two vulnerabilities in Samsung’s Galaxy Store that could be exploited to install applications or execute JavaScript code by launching a web page.

Malware & Threats

Apple’s cat-and-mouse struggles with zero-day exploits on its flagship iOS platform is showing no signs of slowing down.

Mobile & Wireless

Asus patched nine WiFi router security defects, including a highly critical 2018 vulnerability that exposes users to code execution attacks.

Fraud & Identity Theft

A team of researchers has demonstrated a new attack method that affects iPhone owners who use Apple Pay and Visa payment cards. The vulnerabilities...