LG PC Suite for Windows versions 5.3.25.20150529 (Build 18212) and below suffer from a man-in-the-middle vulnerability.
4a9f021d64da18c6aef5a1e09483630a61f41192180d89869816d04626c05dad
_______________________________________________________________________________
Vendor: LG, www.lg.com
Affected Products: LG PC Suite for Windows
Affected Version: <= 5.3.25.20150529 (Build 18212)
Severity: High
OVE ID: OVE-20161010-0007
________________________________________________________________________________
The LG PC Suite update mechanism is vulnerable to a man-in-the-middle
attack. Through the manipulation of files transmitted over HTTP an
attacker can force the execution of arbitrary code on the target system.
Code is executed with the privileges of the currently logged on user.
LG will not provide software updates to address the issue because the
LG PC Suite reached the end of its product life cycle. The technical
details as well as a possible mitigation is described in the full
advisory at:
https://labs.bluefrostsecurity.de/advisories/bfs-sa-2016-004/
________________________________________________________________________________