Local File Access Vulnerability Discovered in Motorola Ready For Application
CVE-2023-41825

2.8LOW

Key Information:

Vendor: Motorola
Status: Phones
Vendor: CVE Published:; 3 May 2024

Summary

A path traversal vulnerability exists in the Motorola Ready For application, which can be exploited by local attackers to gain unauthorized access to sensitive local files. This flaw poses a significant security risk, allowing potential exposure of data that should remain confidential. Implement secure coding practices and regularly update the application to patch such vulnerabilities to enhance security measures.

Affected Version(s)

Phones < 2023-12-01

References

https://en-us.support.motorola.com/app/answers/detail/a_i...

CVSS V3.1

Score:

2.8

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
May 3, 2024
Vulnerability Reserved
Sep 1, 2023

Credit

Sergey Toshin and Illia Khorolskyi of Oversecured (ovesecured.com)