Lucene search

LenovoVULNRICHMENT:CVE-2023-41823

HistoryMay 03, 2024 - 2:05 p.m.

CVE-2023-41823

2024-05-0314:05:00

CWE-926

lenovo

github.com

motorola phone extension

export vulnerability

local attacker

unauthorized activities

cve-2023-41823

CVSS3

4.4

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L

AI Score

6.8

Confidence

Low

SSVC

Exploitation

none

Automatable

Technical Impact

partial

JSON

An improper export vulnerability was reported in the Motorola Phone Extension application, that could allow a local attacker to execute unauthorized Activities.

ADP Affected

[
  {
    "cpes": [
      "cpe:2.3:o:motorola:smartphone_firmware:*:*:*:*:*:*:*:*"
    ],
    "vendor": "motorola",
    "product": "smartphone_firmware",
    "versions": [
      {
        "status": "affected",
        "version": "*"
      }
    ],
    "defaultStatus": "unknown"
  }
]

References

en-us.support.motorola.com/app/answers/detail/a_id/178705

CVSS3

4.4

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L

AI Score

6.8

Confidence

Low

SSVC

Exploitation

none

Automatable

Technical Impact

partial

JSON

Related for VULNRICHMENT:CVE-2023-41823