Motorola Interface Test Tool Vulnerability Could Allow OS Command Execution
CVE-2023-41822

4.8MEDIUM

Key Information:

Vendor: Motorola
Status: Phones
Vendor: CVE Published:; 3 May 2024

Summary

The Motorola Interface Test Tool is susceptible to an improper export vulnerability, which enables a malicious local application to execute OS commands without proper authorization. This security flaw highlights the potential risks associated with improperly managed exports in software applications, emphasizing the need for robust security measures to mitigate unauthorized command execution.

Affected Version(s)

Phones < 2023-12-01

References

https://en-us.support.motorola.com/app/answers/detail/a_i...

CVSS V3.1

Score:

4.8

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
May 3, 2024
Vulnerability Reserved
Sep 1, 2023

Credit

Sergey Toshin and Illia Khorolskyi of Oversecured (ovesecured.com)