Privilege Escalation in Motorola Scanner SDK Affects Multiple Executables
CVE-2015-1496

Currently unrated

Key Information:

Vendor: Motorola
Status: Motorola Scanner Sdk
Vendor: CVE Published:; 16 February 2015

What is CVE-2015-1496?

The Motorola Scanner SDK is impacted by weak permissions associated with key executable files, specifically CoreScanner.exe, rsmdriverproviderservice.exe, and ScannerService.exe. This vulnerability enables local users to exploit unspecified vectors, potentially allowing them to escalate their privileges within the system. Proper scrutiny and remediation of permissions for the affected executables are essential to mitigate the risks associated with this vulnerability.

References

https://portal.motorolasolutions.com/Support/US-EN/Resolu...

x_refsource_MISC

http://www.zerodayinitiative.com/advisories/ZDI-15-035/

x_refsource_MISC

http://www.zerodayinitiative.com/advisories/ZDI-15-037/

x_refsource_MISC

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 16, 2015
Vulnerability Reserved
Feb 5, 2015