Implicit Intent Vulnerability in Motorola Time Weather Widget Application
CVE-2024-3108

5.5MEDIUM

Key Information:

Vendor: Motorola
Status: Time Weather Widget
Vendor: CVE Published:; 3 May 2024

Summary

A vulnerability has been identified in Motorola's Time Weather Widget application that allows a local application to access the device's location without proper authorization. This could potentially expose sensitive location data, compromising user privacy and security. Users are encouraged to review their application settings and stay informed about updates addressing this issue.

References

https://en-us.support.motorola.com/app/answers/detail/a_i...

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 3, 2024