Bluetooth Audio Device Information Vulnerability
CVE-2023-41820

5MEDIUM

Key Information:

Vendor: Motorola
Status: Phones
Vendor: CVE Published:; 3 May 2024

Summary

An implicit intent vulnerability has been identified in the Motorola Ready For application, enabling local attackers to potentially access sensitive information regarding connected Bluetooth audio devices. This flaw poses a risk to user privacy and data integrity, as unauthorized parties could exploit the vulnerability to gain insights into device connections. Proper measures should be taken to evaluate and mitigate risks associated with this application.

Affected Version(s)

Phones < 2023-09-01

References

https://en-us.support.motorola.com/app/answers/detail/a_i...

CVSS V3.1

Score:

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
May 3, 2024
Vulnerability Reserved
Sep 1, 2023

Credit

Sergey Toshin and Illia Khorolskyi of Oversecured (ovesecured.com)