Motorola Phone Calls App Vulnerability Allows Unauthorized Information Reading
CVE-2023-41817

2.8LOW

Key Information:

Vendor: Motorola
Status: Phones
Vendor: CVE Published:; 3 May 2024

Summary

An improper export vulnerability has been identified in the Motorola Phone Calls application, enabling a local attacker to potentially gain access to sensitive information that should remain confidential. This flaw creates an avenue for unauthorized reading of data, posing risks to user privacy and security. Users of affected Motorola devices should take necessary precautions to safeguard against this vulnerability and ensure that their applications are up to date to mitigate potential risks.

Affected Version(s)

Phones < 2023-12-01

References

https://en-us.support.motorola.com/app/answers/detail/a_i...

CVSS V3.1

Score:

2.8

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
May 3, 2024
Vulnerability Reserved
Sep 1, 2023

Credit

Sergey Toshin and Illia Khorolskyi of Oversecured (ovesecured.com)