SD Card Vulnerability Could Allow Local Attacker to Read System Logs
CVE-2023-41818

5MEDIUM

Key Information:

Vendor: Motorola
Status: Phones
Vendor: CVE Published:; 3 May 2024

Summary

A vulnerability exists in the Motorola Device Help application due to improper handling of the SD card used for storing sensitive data. This flaw could be exploited by a local attacker, enabling unauthorized access to system logs. Such access can lead to potential exposure of sensitive information, thereby compromising the integrity of the device's data security. Mitigating this vulnerability requires users to remain vigilant regarding access to their devices and to implement recommended updates and security practices.

Affected Version(s)

Phones < 2023-12-01

References

https://en-us.support.motorola.com/app/answers/detail/a_i...

CVSS V3.1

Score:

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
May 3, 2024
Vulnerability Reserved
Sep 1, 2023

Credit

Sergey Toshin and Illia Khorolskyi of Oversecured (ovesecured.com)