Lucene search

LenovoCVELIST:CVE-2024-3480

HistoryMay 03, 2024 - 2:10 p.m.

CVE-2024-3480

2024-05-0314:10:15

CWE-927

lenovo

www.cve.org

implicit intent

motorola framework

telephony data

CVSS3

2.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N

AI Score

4.2

Confidence

High

EPSS

Percentile

9.0%

JSON

An Implicit intent vulnerability was reported in the Motorola framework that could allow an attacker to read telephony-related data.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Phones",
    "vendor": "Motorola",
    "versions": [
      {
        "lessThan": "2023-09-01",
        "status": "affected",
        "version": " ",
        "versionType": "SPL"
      }
    ]
  }
]

References

en-us.support.motorola.com/app/answers/detail/a_id/178948

CVSS3

2.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N

AI Score

4.2

Confidence

High

EPSS

Percentile

9.0%

JSON

Related for CVELIST:CVE-2024-3480