Vulnerabilites related to Motorola - Phones
CVE-2023-41816 (GCVE-0-2023-41816)
Vulnerability from cvelistv5
Published
2024-05-03 14:02
Modified
2024-08-02 19:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-926 - Improper Export of Android Application Components
Summary
An improper export vulnerability was reported in the Motorola Services Main application that could allow a local attacker to write to a local database.
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:motorola:services_main:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "services_main",
"vendor": "motorola",
"versions": [
{
"status": "affected",
"version": "*"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-41816",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-03T16:10:57.935014Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:21:29.771Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:09:48.438Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://en-us.support.motorola.com/app/answers/detail/a_id/178874"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Phones",
"vendor": "Motorola",
"versions": [
{
"lessThan": "2023-12-01",
"status": "affected",
"version": " ",
"versionType": "SPL"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Sergey Toshin and Illia Khorolskyi of\u202fOversecured\u202f(ovesecured.com) "
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn improper export vulnerability was reported in the Motorola Services Main application that could allow a local attacker to write to a local database.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e\n\n"
}
],
"value": "\nAn improper export vulnerability was reported in the Motorola Services Main application that could allow a local attacker to write to a local database.\u00a0\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-926",
"description": "CWE-926: Improper Export of Android Application Components ",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T14:02:58.683Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"url": "https://en-us.support.motorola.com/app/answers/detail/a_id/178874"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUpdate your Motorola phone to the latest software version. Software versions with a Security Patch Level of 2023-12-01 or later include a fix for this vulnerability.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e\n\n\u003cbr\u003e"
}
],
"value": "\nUpdate your Motorola phone to the latest software version. Software versions with a Security Patch Level of 2023-12-01 or later include a fix for this vulnerability.\u00a0\n\n\n"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2023-41816",
"datePublished": "2024-05-03T14:02:07.034Z",
"dateReserved": "2023-09-01T14:25:26.474Z",
"dateUpdated": "2024-08-02T19:09:48.438Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-3108 (GCVE-0-2024-3108)
Vulnerability from cvelistv5
Published
2024-05-03 14:06
Modified
2024-08-01 19:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-927 - Use of Implicit Intent for Sensitive Communication
Summary
An implicit intent vulnerability was reported for Motorola’s Time Weather Widget application that could allow a local application to acquire the location of the device without authorization.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-3108",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-03T16:31:07.235927Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:31:41.928Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T19:32:42.745Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://en-us.support.motorola.com/app/answers/detail/a_id/178863"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Phones",
"vendor": "Motorola",
"versions": [
{
"lessThan": "2023-12-01",
"status": "affected",
"version": " ",
"versionType": "SPL"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Sergey Toshin and Illia Khorolskyi of\u202fOversecured\u202f(ovesecured.com) "
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn implicit intent vulnerability was reported for Motorola\u2019s Time Weather Widget application that could allow a local application to acquire the location of the device without authorization.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e\n\n"
}
],
"value": "\nAn implicit intent vulnerability was reported for Motorola\u2019s Time Weather Widget application that could allow a local application to acquire the location of the device without authorization.\u00a0\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-927",
"description": "CWE-927: Use of Implicit Intent for Sensitive Communication ",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T14:06:53.248Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"url": "https://en-us.support.motorola.com/app/answers/detail/a_id/178863"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cdiv\u003e\u003cp\u003eUpdate your Motorola phone to the latest software version. Software versions with a Security Patch Level of 2023-12-01 or later includes a fix for this vulnerability.\u003cspan style=\"background-color: var(--wht);\"\u003e\u0026nbsp;\u003c/span\u003e\u003c/p\u003e\u003c/div\u003e\u003cdiv\u003e\u003c/div\u003e"
}
],
"value": "\nUpdate your Motorola phone to the latest software version. Software versions with a Security Patch Level of 2023-12-01 or later includes a fix for this vulnerability.\u00a0\n\n\n\n\n\n"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2024-3108",
"datePublished": "2024-05-03T14:06:53.248Z",
"dateReserved": "2024-03-29T20:30:16.279Z",
"dateUpdated": "2024-08-01T19:32:42.745Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-41817 (GCVE-0-2023-41817)
Vulnerability from cvelistv5
Published
2024-05-03 14:03
Modified
2024-08-15 15:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-927 - Use of Implicit Intent for Sensitive Communication
Summary
An improper export vulnerability was reported in the Motorola Phone Calls application that could allow a local attacker to read unauthorized information.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:09:49.400Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://en-us.support.motorola.com/app/answers/detail/a_id/178875"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-41817",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-03T18:27:07.108993Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-15T15:38:41.026Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Phones",
"vendor": "Motorola",
"versions": [
{
"lessThan": "2023-12-01",
"status": "affected",
"version": " ",
"versionType": "SPL"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Sergey Toshin and Illia Khorolskyi of\u202fOversecured\u202f(ovesecured.com) "
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn improper export vulnerability was reported in the Motorola Phone Calls application that could allow a local attacker to read unauthorized information.\u003c/span\u003e"
}
],
"value": "An improper export vulnerability was reported in the Motorola Phone Calls application that could allow a local attacker to read unauthorized information."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 2.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-927",
"description": "CWE-927: Use of Implicit Intent for Sensitive Communication ",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T14:03:45.713Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"url": "https://en-us.support.motorola.com/app/answers/detail/a_id/178875"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUpdate your Motorola phone to the latest software version. Software versions with a Security Patch Level of 2023-12-01 or later include a fix for this vulnerability.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e\n\n\u003cbr\u003e"
}
],
"value": "\nUpdate your Motorola phone to the latest software version. Software versions with a Security Patch Level of 2023-12-01 or later include a fix for this vulnerability.\u00a0\n\n\n"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2023-41817",
"datePublished": "2024-05-03T14:03:45.713Z",
"dateReserved": "2023-09-01T14:25:26.474Z",
"dateUpdated": "2024-08-15T15:38:41.026Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-3109 (GCVE-0-2024-3109)
Vulnerability from cvelistv5
Published
2024-05-03 14:09
Modified
2024-08-01 19:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-321 - Use of Hard-coded Cryptographic Key
Summary
A hard-coded AES key vulnerability was reported in the Motorola GuideMe application, along with a lack of URI sanitation, could allow for a local attacker to read arbitrary files.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-3109",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-03T19:15:57.784440Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:32:05.376Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T19:32:42.671Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://en-us.support.motorola.com/app/answers/detail/a_id/178863"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Phones",
"vendor": "Motorola",
"versions": [
{
"lessThan": "2024-03-01",
"status": "affected",
"version": " ",
"versionType": "SPL"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Sergey Toshin and Illia Khorolskyi of\u202fOversecured\u202f(ovesecured.com) "
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cdiv\u003e\u003cp\u003eA hard-coded AES key vulnerability was reported in the Motorola GuideMe application, along with a lack of URI sanitation, could allow for a local attacker to read arbitrary files.\u003c/p\u003e\u003c/div\u003e\u003cdiv\u003e\u003c/div\u003e\n\n"
}
],
"value": "\nA hard-coded AES key vulnerability was reported in the Motorola GuideMe application, along with a lack of URI sanitation, could allow for a local attacker to read arbitrary files.\n\n\n\n\n\n\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-321",
"description": "CWE-321: Use of Hard-coded Cryptographic Key ",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T14:09:59.372Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"url": "https://en-us.support.motorola.com/app/answers/detail/a_id/178863"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUpdate your Motorola phone to the latest software version. Software versions with a Security Patch Level of 2024-03-01 or later include a fix for this vulnerability.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e\n\n\u003cbr\u003e"
}
],
"value": "\nUpdate your Motorola phone to the latest software version. Software versions with a Security Patch Level of 2024-03-01 or later include a fix for this vulnerability.\u00a0\n\n\n"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2024-3109",
"datePublished": "2024-05-03T14:09:59.372Z",
"dateReserved": "2024-03-29T20:30:17.481Z",
"dateUpdated": "2024-08-01T19:32:42.671Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-41821 (GCVE-0-2023-41821)
Vulnerability from cvelistv5
Published
2024-05-03 14:04
Modified
2024-08-23 15:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-926 - Improper Export of Android Application Components
Summary
A an improper export vulnerability was reported in the Motorola Setup application that could allow a local attacker to read sensitive user information.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:09:48.576Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://en-us.support.motorola.com/app/answers/detail/a_id/178879"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-41821",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-23T15:10:02.450914Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-23T15:10:12.183Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Phones",
"vendor": "Motorola",
"versions": [
{
"lessThan": "2023-09-01",
"status": "affected",
"version": " ",
"versionType": "SPL"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Sergey Toshin and Illia Khorolskyi of\u202fOversecured\u202f(ovesecured.com)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA an improper export vulnerability was reported in the Motorola Setup application that could allow a local attacker to read sensitive user information.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e\n\n"
}
],
"value": "\nA an improper export vulnerability was reported in the Motorola Setup application that could allow a local attacker to read sensitive user information.\u00a0\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-926",
"description": "CWE-926: Improper Export of Android Application Components",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T14:04:39.799Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"url": "https://en-us.support.motorola.com/app/answers/detail/a_id/178879"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUpdate your Motorola phone to the latest software version. Software versions with a Security Patch Level of 2023-09-01 or later include a fix for this vulnerability.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "\nUpdate your Motorola phone to the latest software version. Software versions with a Security Patch Level of 2023-09-01 or later include a fix for this vulnerability.\n"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2023-41821",
"datePublished": "2024-05-03T14:04:39.799Z",
"dateReserved": "2023-09-01T14:25:26.474Z",
"dateUpdated": "2024-08-23T15:10:12.183Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-41830 (GCVE-0-2023-41830)
Vulnerability from cvelistv5
Published
2024-05-03 14:06
Modified
2024-08-15 15:41
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-36 - Absolute Path Traversal
Summary
An improper absolute path traversal vulnerability was reported for the Ready For application allowing a local application access to files without authorization.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:09:49.118Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://en-us.support.motorola.com/app/answers/detail/a_id/178702"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:motorola:firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "firmware",
"vendor": "motorola",
"versions": [
{
"lessThan": "20231201",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-41830",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-03T18:21:11.670668Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-15T15:41:58.427Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Phones",
"vendor": "Motorola",
"versions": [
{
"lessThan": "2023-12-01",
"status": "affected",
"version": " ",
"versionType": "SPL"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Sergey Toshin and Illia Khorolskyi of\u202fOversecured\u202f(ovesecured.com)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn improper absolute path traversal vulnerability was reported for the Ready For application allowing a local application access to files without authorization.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e\n\n"
}
],
"value": "\nAn improper absolute path traversal vulnerability was reported for the Ready For application allowing a local application access to files without authorization.\u00a0\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-36",
"description": "CWE-36: Absolute Path Traversal ",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T14:06:45.335Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"url": "https://en-us.support.motorola.com/app/answers/detail/a_id/178702"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUpdate your Motorola phone to the latest software version. Software versions with a Security Patch Level of 2023-12-01 or later include a fix for this vulnerability.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e\n\n\u003cbr\u003e"
}
],
"value": "\nUpdate your Motorola phone to the latest software version. Software versions with a Security Patch Level of 2023-12-01 or later include a fix for this vulnerability.\u00a0\n\n\n"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2023-41830",
"datePublished": "2024-05-03T14:06:45.335Z",
"dateReserved": "2023-09-01T14:25:29.582Z",
"dateUpdated": "2024-08-15T15:41:58.427Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-41825 (GCVE-0-2023-41825)
Vulnerability from cvelistv5
Published
2024-05-03 14:06
Modified
2024-08-20 18:49
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory
Summary
A path traversal vulnerability was reported in the Motorola Ready For application that could allow a local attacker to access local files.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:09:48.764Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://en-us.support.motorola.com/app/answers/detail/a_id/178866"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-41825",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-20T18:48:28.019188Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-20T18:49:18.722Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Phones",
"vendor": "Motorola",
"versions": [
{
"lessThan": "2023-12-01",
"status": "affected",
"version": " ",
"versionType": "SPL"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Sergey Toshin and Illia Khorolskyi of\u202fOversecured\u202f(ovesecured.com) "
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA path traversal vulnerability was reported in the Motorola Ready For application that could allow a local attacker to access local files.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e\n\n"
}
],
"value": "\nA path traversal vulnerability was reported in the Motorola Ready For application that could allow a local attacker to access local files.\u00a0\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 2.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T14:06:13.480Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"url": "https://en-us.support.motorola.com/app/answers/detail/a_id/178866"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUpdate your Motorola phone to the latest software version. Software versions with a Security Patch Level of 2023-12-01 or later include a fix for this vulnerability.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e\n\n\u003cbr\u003e"
}
],
"value": "\nUpdate your Motorola phone to the latest software version. Software versions with a Security Patch Level of 2023-12-01 or later include a fix for this vulnerability.\u00a0\n\n\n"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2023-41825",
"datePublished": "2024-05-03T14:06:13.480Z",
"dateReserved": "2023-09-01T14:25:26.475Z",
"dateUpdated": "2024-08-20T18:49:18.722Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-41828 (GCVE-0-2023-41828)
Vulnerability from cvelistv5
Published
2024-05-03 14:06
Modified
2024-08-02 19:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-927 - Use of Implicit Intent for Sensitive Communication
Summary
An implicit intent export vulnerability was reported in the Motorola Phone application, that could allow unauthorized access to a non-exported content provider.
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:motorola:smartphone_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "smartphone_firmware",
"vendor": "motorola",
"versions": [
{
"status": "affected",
"version": "*"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-41828",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-03T16:05:21.363503Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:21:45.667Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:09:49.329Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://en-us.support.motorola.com/app/answers/detail/a_id/178701"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Phones",
"vendor": "Motorola",
"versions": [
{
"lessThan": "2023-09-01",
"status": "affected",
"version": " ",
"versionType": "SPL"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Sergey Toshin and Illia Khorolskyi of\u202fOversecured\u202f(ovesecured.com"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn implicit intent export vulnerability was reported in the Motorola Phone application, that could allow unauthorized access to a non-exported content provider.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e\u0026nbsp;"
}
],
"value": "\nAn implicit intent export vulnerability was reported in the Motorola Phone application, that could allow unauthorized access to a non-exported content provider.\u00a0\u00a0"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-927",
"description": "CWE-927: Use of Implicit Intent for Sensitive Communication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T14:06:34.898Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"url": "https://en-us.support.motorola.com/app/answers/detail/a_id/178701"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cdiv\u003e\u003cp\u003eUpdate your Motorola phone to the latest software version. Software versions with a Security Patch Level of 2023-09-01 or later include a fix for this vulnerability.\u003cspan style=\"background-color: var(--wht);\"\u003e\u0026nbsp;\u003c/span\u003e\u003c/p\u003e\u003c/div\u003e\u003cdiv\u003e\u003c/div\u003e"
}
],
"value": "\nUpdate your Motorola phone to the latest software version. Software versions with a Security Patch Level of 2023-09-01 or later include a fix for this vulnerability.\u00a0\n\n\n\n\n\n"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2023-41828",
"datePublished": "2024-05-03T14:06:34.898Z",
"dateReserved": "2023-09-01T14:25:29.582Z",
"dateUpdated": "2024-08-02T19:09:49.329Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-41827 (GCVE-0-2023-41827)
Vulnerability from cvelistv5
Published
2024-03-04 21:44
Modified
2024-08-23 20:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-926 - Improper Export of Android Application Components
Summary
An improper export vulnerability was reported in the Motorola OTA update application, that could allow a malicious, local application to inject an HTML-based message on screen UI.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:09:49.057Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://en-us.support.motorola.com/app/answers/detail/a_id/178273"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-41827",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-23T20:18:52.381666Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-23T20:19:05.312Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Phones",
"vendor": "Motorola",
"versions": [
{
"lessThan": "2023-08-01",
"status": "affected",
"version": " ",
"versionType": "SPL"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Sergey Toshin and Illia Khorolskyi of\u202fOversecured\u202f(ovesecured.com) "
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An improper export vulnerability was reported in the Motorola OTA update application, that could allow a malicious, local application to inject an HTML-based message on screen UI."
}
],
"value": "An improper export vulnerability was reported in the Motorola OTA update application, that could allow a malicious, local application to inject an HTML-based message on screen UI."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-926",
"description": "CWE-926 Improper Export of Android Application Components",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-04T21:44:58.075Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"url": "https://en-us.support.motorola.com/app/answers/detail/a_id/178273"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update your Motorola phone to the latest software version. Software versions with a Security Patch Level of 2023-08-01 or later includes a fix for this vulnerability."
}
],
"value": "Update your Motorola phone to the latest software version. Software versions with a Security Patch Level of 2023-08-01 or later includes a fix for this vulnerability."
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2023-41827",
"datePublished": "2024-03-04T21:44:58.075Z",
"dateReserved": "2023-09-01T14:25:29.582Z",
"dateUpdated": "2024-08-23T20:19:05.312Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-41823 (GCVE-0-2023-41823)
Vulnerability from cvelistv5
Published
2024-05-03 14:05
Modified
2024-08-02 19:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-926 - Improper Export of Android Application Components
Summary
An improper export vulnerability was reported in the Motorola Phone Extension application, that could allow a local attacker to execute unauthorized Activities.
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:motorola:smartphone_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "smartphone_firmware",
"vendor": "motorola",
"versions": [
{
"status": "affected",
"version": "*"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-41823",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-03T16:07:37.387268Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:21:57.837Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:09:48.480Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://en-us.support.motorola.com/app/answers/detail/a_id/178705"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Phones",
"vendor": "Motorola",
"versions": [
{
"lessThan": "2023-12-01",
"status": "affected",
"version": " ",
"versionType": "SPL"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Sergey Toshin and Illia Khorolskyi of\u202fOversecured\u202f(ovesecured.com)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn improper export vulnerability was reported in the Motorola Phone Extension application, that could allow a local attacker to execute unauthorized Activities.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e\n\n"
}
],
"value": "\nAn improper export vulnerability was reported in the Motorola Phone Extension application, that could allow a local attacker to execute unauthorized Activities.\u00a0\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-926",
"description": "CWE-926: Improper Export of Android Application Components",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T14:05:00.995Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"url": "https://en-us.support.motorola.com/app/answers/detail/a_id/178705"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUpdate your Motorola phone to the latest software version. Software versions with a Security Patch Level of 2023-12-01 or later include a fix for this vulnerability.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e\n\n\u003cbr\u003e"
}
],
"value": "\nUpdate your Motorola phone to the latest software version. Software versions with a Security Patch Level of 2023-12-01 or later include a fix for this vulnerability.\u00a0\n\n\n"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2023-41823",
"datePublished": "2024-05-03T14:05:00.995Z",
"dateReserved": "2023-09-01T14:25:26.475Z",
"dateUpdated": "2024-08-02T19:09:48.480Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-41829 (GCVE-0-2023-41829)
Vulnerability from cvelistv5
Published
2024-03-04 21:45
Modified
2025-04-16 16:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-926 - Improper Export of Android Application Components
Summary
An improper export vulnerability was reported in the Motorola Carrier Services application that could allow a malicious, local application to read files without authorization.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-41829",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-06T16:55:12.688275Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-16T16:02:16.876Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:09:48.516Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://en-us.support.motorola.com/app/answers/detail/a_id/178272"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Phones",
"vendor": "Motorola",
"versions": [
{
"lessThan": "2023-08-01",
"status": "affected",
"version": " ",
"versionType": "SPL"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Sergey Toshin and Illia Khorolskyi of\u202fOversecured\u202f(oversecured.com) "
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An improper export vulnerability was reported in the Motorola Carrier Services application that could allow a malicious, local application to read files without authorization."
}
],
"value": "An improper export vulnerability was reported in the Motorola Carrier Services application that could allow a malicious, local application to read files without authorization."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-926",
"description": "CWE-926 Improper Export of Android Application Components",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-04T21:45:18.389Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"url": "https://en-us.support.motorola.com/app/answers/detail/a_id/178272"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update your Motorola phone to the latest software version. Software versions with a Security Patch Level of 2023-08-01 or later includes a fix for this vulnerability."
}
],
"value": "Update your Motorola phone to the latest software version. Software versions with a Security Patch Level of 2023-08-01 or later includes a fix for this vulnerability."
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2023-41829",
"datePublished": "2024-03-04T21:45:18.389Z",
"dateReserved": "2023-09-01T14:25:29.582Z",
"dateUpdated": "2025-04-16T16:02:16.876Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-3480 (GCVE-0-2024-3480)
Vulnerability from cvelistv5
Published
2024-05-03 14:10
Modified
2024-08-01 20:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-927 - Use of Implicit Intent for Sensitive Communication
Summary
An Implicit intent vulnerability was reported in the Motorola framework that could allow an attacker to read telephony-related data.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-3480",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-13T16:48:12.560920Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-13T16:48:19.843Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T20:12:07.300Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://en-us.support.motorola.com/app/answers/detail/a_id/178948"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Phones",
"vendor": "Motorola",
"versions": [
{
"lessThan": "2023-09-01",
"status": "affected",
"version": " ",
"versionType": "SPL"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Sergey Toshin and Illia Khorolskyi of\u202fOversecured\u202f(ovesecured.com) "
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An Implicit intent vulnerability was reported in the Motorola framework that could allow an attacker to read telephony-related data."
}
],
"value": "An Implicit intent vulnerability was reported in the Motorola framework that could allow an attacker to read telephony-related data."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 2.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-927",
"description": "CWE-927: Use of Implicit Intent for Sensitive Communication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T14:10:15.549Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"url": "https://en-us.support.motorola.com/app/answers/detail/a_id/178948"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUpdate your Motorola phone to the latest software version. Software versions with a Security Patch Level of 2023-09-01 or later include a fix for this vulnerability.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e\n\n\u003cbr\u003e"
}
],
"value": "\nUpdate your Motorola phone to the latest software version. Software versions with a Security Patch Level of 2023-09-01 or later include a fix for this vulnerability.\u00a0\n\n\n"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2024-3480",
"datePublished": "2024-05-03T14:10:15.549Z",
"dateReserved": "2024-04-08T18:34:58.649Z",
"dateUpdated": "2024-08-01T20:12:07.300Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-41824 (GCVE-0-2023-41824)
Vulnerability from cvelistv5
Published
2024-05-03 14:06
Modified
2024-08-02 19:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-927 - Use of Implicit Intent for Sensitive Communication
Summary
An implicit intent vulnerability was reported in the Motorola Phone Calls application that could allow a local attacker to read the calling phone number and calling data.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-41824",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-03T19:53:32.281139Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:21:42.595Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:09:49.377Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://en-us.support.motorola.com/app/answers/detail/a_id/178865"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Phones",
"vendor": "Motorola",
"versions": [
{
"lessThan": "2023-12-01",
"status": "affected",
"version": " ",
"versionType": "SPL"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Sergey Toshin and Illia Khorolskyi of\u202fOversecured\u202f(ovesecured.com) "
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cdiv\u003e\u003cp\u003eAn implicit intent vulnerability was reported in the Motorola Phone Calls application that could allow a local attacker to read the calling phone number and calling data.\u003c/p\u003e\u003c/div\u003e\u003cdiv\u003e\u003c/div\u003e\n\n"
}
],
"value": "\nAn implicit intent vulnerability was reported in the Motorola Phone Calls application that could allow a local attacker to read the calling phone number and calling data.\n\n\n\n\n\n\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 2.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-927",
"description": "CWE-927: Use of Implicit Intent for Sensitive Communication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T14:06:04.301Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"url": "https://en-us.support.motorola.com/app/answers/detail/a_id/178865"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUpdate your Motorola phone to the latest software version. Software versions with a Security Patch Level of 2023-12-01 or later include a fix for this vulnerability.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e\n\n\u003cbr\u003e"
}
],
"value": "\nUpdate your Motorola phone to the latest software version. Software versions with a Security Patch Level of 2023-12-01 or later include a fix for this vulnerability.\u00a0\n\n\n"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2023-41824",
"datePublished": "2024-05-03T14:06:04.301Z",
"dateReserved": "2023-09-01T14:25:26.475Z",
"dateUpdated": "2024-08-02T19:09:49.377Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-41826 (GCVE-0-2023-41826)
Vulnerability from cvelistv5
Published
2024-05-03 14:06
Modified
2024-08-02 19:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-927 - Use of Implicit Intent for Sensitive Communication
Summary
A PendingIntent hijacking vulnerability in Motorola Device Help (Genie) application that could allow local attackers to access files or interact with non-exported software components without permission.
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:motorola:device_help:*:*:*:*:*:android:*:*"
],
"defaultStatus": "unknown",
"product": "device_help",
"vendor": "motorola",
"versions": [
{
"status": "affected",
"version": "*"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-41826",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-03T17:22:26.468330Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:21:35.788Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:09:49.175Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://en-us.support.motorola.com/app/answers/detail/a_id/178703"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Phones",
"vendor": "Motorola",
"versions": [
{
"lessThan": "2023-12-01",
"status": "affected",
"version": " ",
"versionType": "SPL"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Sergey Toshin and Illia Khorolskyi of\u202fOversecured\u202f(ovesecured.com) "
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA PendingIntent hijacking vulnerability in Motorola Device Help (Genie) application that could allow local attackers to access files or interact with non-exported software components without permission.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e\n\n"
}
],
"value": "A PendingIntent hijacking vulnerability in Motorola Device Help (Genie) application that could allow local attackers to access files or interact with non-exported software components without permission.\u00a0\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-927",
"description": "CWE-927: Use of Implicit Intent for Sensitive Communication ",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T14:06:27.487Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"url": "https://en-us.support.motorola.com/app/answers/detail/a_id/178703"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUpdate your Motorola phone to the latest software version. Software versions with a Security Patch Level of 2023-12-01 or later includes a fix for this vulnerability.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e\n\n\u003cbr\u003e"
}
],
"value": "\nUpdate your Motorola phone to the latest software version. Software versions with a Security Patch Level of 2023-12-01 or later includes a fix for this vulnerability.\u00a0\n\n\n"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2023-41826",
"datePublished": "2024-05-03T14:06:27.487Z",
"dateReserved": "2023-09-01T14:25:29.581Z",
"dateUpdated": "2024-08-02T19:09:49.175Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-3479 (GCVE-0-2024-3479)
Vulnerability from cvelistv5
Published
2024-05-03 14:10
Modified
2024-08-01 20:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-926 - Improper Export of Android Application Components
Summary
An improper export vulnerability was reported in the Motorola Enterprise MotoDpms Provider (com.motorola.server.enterprise.MotoDpmsProvider) that could allow a local attacker to read local data.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-3479",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-13T16:48:35.392275Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-13T16:48:42.302Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T20:12:07.467Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://en-us.support.motorola.com/app/answers/detail/a_id/178947"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Phones",
"vendor": "Motorola",
"versions": [
{
"lessThan": "2023-12-01",
"status": "affected",
"version": " ",
"versionType": "SPL"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Sergey Toshin and Illia Khorolskyi of\u202fOversecured\u202f(ovesecured.com) "
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn improper export vulnerability was reported in the \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eMotorola Enterprise \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eMoto\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDp\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003em\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003es\u003c/span\u003e \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eProvider \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e(\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ecom.motorola\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e.server.enterprise.MotoDpmsProvider\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e) \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ethat could allow a \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003elocal attacker to read \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003elocal \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003edata\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e.\u003c/span\u003e"
}
],
"value": "\nAn improper export vulnerability was reported in the Motorola Enterprise MotoDpms Provider (com.motorola.server.enterprise.MotoDpmsProvider) that could allow a local attacker to read local data."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 2.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-926",
"description": "CWE-926: Improper Export of Android Application Components ",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T14:10:07.470Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"url": "https://en-us.support.motorola.com/app/answers/detail/a_id/178947"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUpdate your Motorola phone to the latest software version. Software versions with a Security Patch Level of 2023-12-01 or later include a fix for this vulnerability.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e\n\n\u003cbr\u003e"
}
],
"value": "\nUpdate your Motorola phone to the latest software version. Software versions with a Security Patch Level of 2023-12-01 or later include a fix for this vulnerability.\u00a0\n\n\n"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2024-3479",
"datePublished": "2024-05-03T14:10:07.470Z",
"dateReserved": "2024-04-08T18:34:57.602Z",
"dateUpdated": "2024-08-01T20:12:07.467Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-41820 (GCVE-0-2023-41820)
Vulnerability from cvelistv5
Published
2024-05-03 14:04
Modified
2024-08-08 14:57
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-927 - Use of Implicit Intent for Sensitive Communication
Summary
An implicit intent vulnerability was reported in the Motorola Ready For application that could allow a local attacker to read information about connected Bluetooth audio devices.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:09:48.521Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://en-us.support.motorola.com/app/answers/detail/a_id/178878"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-41820",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-15T16:44:29.877128Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-08T14:57:57.828Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Phones",
"vendor": "Motorola",
"versions": [
{
"lessThan": "2023-09-01",
"status": "affected",
"version": " ",
"versionType": "SPL"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Sergey Toshin and Illia Khorolskyi of\u202fOversecured\u202f(ovesecured.com) "
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn implicit intent vulnerability was reported in the Motorola Ready For application that could allow a local attacker to read information about connected Bluetooth audio devices.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e\n\n"
}
],
"value": "\nAn implicit intent vulnerability was reported in the Motorola Ready For application that could allow a local attacker to read information about connected Bluetooth audio devices.\u00a0\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-927",
"description": "CWE-927: Use of Implicit Intent for Sensitive Communication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T14:04:16.223Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"url": "https://en-us.support.motorola.com/app/answers/detail/a_id/178878"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUpdate your Motorola phone to the latest software version. Software versions with a Security Patch Level of 2023-09-01 or later include a fix for this vulnerability.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "\nUpdate your Motorola phone to the latest software version. Software versions with a Security Patch Level of 2023-09-01 or later include a fix for this vulnerability.\n"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2023-41820",
"datePublished": "2024-05-03T14:04:16.223Z",
"dateReserved": "2023-09-01T14:25:26.474Z",
"dateUpdated": "2024-08-08T14:57:57.828Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-41822 (GCVE-0-2023-41822)
Vulnerability from cvelistv5
Published
2024-05-03 14:04
Modified
2024-08-02 19:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-926 - Improper Export of Android Application Components
Summary
An improper export vulnerability was reported in the Motorola Interface Test Tool application that could allow a malicious local application to execute OS commands.
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:motorola:interface_test_tool:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "interface_test_tool",
"vendor": "motorola",
"versions": [
{
"status": "affected",
"version": "-"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-41822",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-03T16:06:42.738248Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:21:55.338Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:09:48.515Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://en-us.support.motorola.com/app/answers/detail/a_id/178704"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Phones",
"vendor": "Motorola",
"versions": [
{
"lessThan": "2023-12-01",
"status": "affected",
"version": " ",
"versionType": "SPL"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Sergey Toshin and Illia Khorolskyi of\u202fOversecured\u202f(ovesecured.com) "
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn improper export vulnerability was reported in the \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eMotorola Interface Test Tool \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eapplication that could allow a malicious local application to execute OS commands.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e\n\n"
}
],
"value": "\nAn improper export vulnerability was reported in the Motorola Interface Test Tool application that could allow a malicious local application to execute OS commands.\u00a0\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-926",
"description": "CWE-926: Improper Export of Android Application Components ",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T14:04:49.598Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"url": "https://en-us.support.motorola.com/app/answers/detail/a_id/178704"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUpdate your Motorola phone to the latest software version. Software versions with a Security Patch Level of 2023-12-01 or later includes a fix for this vulnerability.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e\n\n\u003cbr\u003e"
}
],
"value": "\nUpdate your Motorola phone to the latest software version. Software versions with a Security Patch Level of 2023-12-01 or later includes a fix for this vulnerability.\u00a0\n\n\n"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2023-41822",
"datePublished": "2024-05-03T14:04:49.598Z",
"dateReserved": "2023-09-01T14:25:26.475Z",
"dateUpdated": "2024-08-02T19:09:48.515Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-41819 (GCVE-0-2023-41819)
Vulnerability from cvelistv5
Published
2024-05-03 14:04
Modified
2024-08-22 19:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-285 - Improper Authorization
Summary
A PendingIntent hijacking vulnerability was reported in the Motorola Face Unlock application that could allow a local attacker to access unauthorized content providers.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:09:48.507Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://en-us.support.motorola.com/app/answers/detail/a_id/178877"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-41819",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-22T18:59:51.444756Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-22T19:02:34.849Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Phones",
"vendor": "Motorola",
"versions": [
{
"lessThan": "2023-09-01",
"status": "affected",
"version": " ",
"versionType": "SPL"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Sergey Toshin and Illia Khorolskyi of\u202fOversecured\u202f(ovesecured.com) "
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA PendingIntent hijacking vulnerability was reported in the Motorola Face Unlock application that could allow a local attacker to access unauthorized content providers.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e\n\n"
}
],
"value": "\nA PendingIntent hijacking vulnerability was reported in the Motorola Face Unlock application that could allow a local attacker to access unauthorized content providers.\u00a0\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "CWE-285 Improper Authorization ",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T14:04:05.479Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"url": "https://en-us.support.motorola.com/app/answers/detail/a_id/178877"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUpdate your Motorola phone to the latest software version. Software versions with a Security Patch Level of 2023-09-01 or later include a fix for this vulnerability.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e\n\n\u003cbr\u003e"
}
],
"value": "\nUpdate your Motorola phone to the latest software version. Software versions with a Security Patch Level of 2023-09-01 or later include a fix for this vulnerability.\u00a0\n\n\n"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2023-41819",
"datePublished": "2024-05-03T14:04:05.479Z",
"dateReserved": "2023-09-01T14:25:26.474Z",
"dateUpdated": "2024-08-22T19:02:34.849Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-41818 (GCVE-0-2023-41818)
Vulnerability from cvelistv5
Published
2024-05-03 14:03
Modified
2024-08-02 19:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-921 - Storage of Sensitive Data in a Mechanism without Access Control
Summary
An improper use of the SD card for sensitive data vulnerability was reported in the Motorola Device Help application that could allow a local attacker to read system logs.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-41818",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-03T19:55:03.679957Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:21:56.592Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:09:48.543Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://en-us.support.motorola.com/app/answers/detail/a_id/178876"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Phones",
"vendor": "Motorola",
"versions": [
{
"lessThan": "2023-12-01",
"status": "affected",
"version": " ",
"versionType": "SPL"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Sergey Toshin and Illia Khorolskyi of\u202fOversecured\u202f(ovesecured.com) "
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn improper use of the SD card for sensitive data vulnerability was reported in the Motorola Device Help application that could allow a local attacker to read system logs.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e\n\n"
}
],
"value": "\nAn improper use of the SD card for sensitive data vulnerability was reported in the Motorola Device Help application that could allow a local attacker to read system logs.\u00a0\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-921",
"description": "CWE-921: Storage of Sensitive Data in a Mechanism without Access Control ",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T14:03:55.892Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"url": "https://en-us.support.motorola.com/app/answers/detail/a_id/178876"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUpdate your Motorola phone to the latest software version. Software versions with a Security Patch Level of 2023-12-01 or later include a fix for this vulnerability.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e\n\n\u003cbr\u003e"
}
],
"value": "\nUpdate your Motorola phone to the latest software version. Software versions with a Security Patch Level of 2023-12-01 or later include a fix for this vulnerability.\u00a0\n\n\n"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2023-41818",
"datePublished": "2024-05-03T14:03:55.892Z",
"dateReserved": "2023-09-01T14:25:26.474Z",
"dateUpdated": "2024-08-02T19:09:48.543Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}