Local File Access Vulnerability in Ready For Application
CVE-2023-41830

6.5MEDIUM

Key Information:

Vendor: Motorola
Status: Phones
Vendor: CVE Published:; 3 May 2024

Summary

An improper absolute path traversal vulnerability exists in the Motorola Ready For application, which allows local applications to gain unauthorized access to files on the system. This vulnerability could enable attackers to navigate the file system and retrieve sensitive files that are not meant to be accessible, potentially leading to data leakage and unauthorized access to confidential information.

Affected Version(s)

Phones < 2023-12-01

References

https://en-us.support.motorola.com/app/answers/detail/a_i...

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
May 3, 2024
Vulnerability Reserved
Sep 1, 2023

Credit

Sergey Toshin and Illia Khorolskyi of Oversecured (ovesecured.com)