Motorola Carrier Services App Vulnerability Could Allow File Read Without Authorization
CVE-2023-41829

5MEDIUM

Key Information:

Vendor: Motorola
Status: Phones
Vendor: CVE Published:; 4 March 2024

Summary

The Motorola Carrier Services application has reported an improper export vulnerability that permits unauthorized local applications to read sensitive files. This weakness can lead to exposure of confidential information, potentially impacting user privacy and security. Mitigating this vulnerability is essential to prevent unauthorized access and ensure the safety of user data.

Affected Version(s)

Phones < 2023-08-01

References

https://en-us.support.motorola.com/app/answers/detail/a_i...

CVSS V3.1

Score:

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Mar 4, 2024
Vulnerability Reserved
Sep 1, 2023

Credit

Sergey Toshin and Illia Khorolskyi of Oversecured (oversecured.com)