Motorola Device Help Application Vulnerability
Motorola Security Advisory: MML-2023-50067
Scope of Impact: Motorola Device Help application
Potential Impact: Information Disclosure
Severity: Medium
CVE Identifier: CVE-2023-41818
Summary Description:
Security Researchers at Oversecured discovered and reported a vulnerability for the Motorola Device Help application, that could allow an attacker to read logging data. When the user uses Device Help to send logs to Motorola, the logs are temporarily stored on the SD card.
Scope of Impact: Motorola Device Help application
Potential Impact: Information Disclosure
Severity: Medium
CVE Identifier: CVE-2023-41818
Summary Description:
Security Researchers at Oversecured discovered and reported a vulnerability for the Motorola Device Help application, that could allow an attacker to read logging data. When the user uses Device Help to send logs to Motorola, the logs are temporarily stored on the SD card.
Mitigation Strategy for Customers (what you should do to protect yourself):
- Update your Motorola phone to the latest software version. Software versions with a Security Patch Level of 2023-12-01 or later includes a fix for this vulnerability.
- Download apps only from authorized sources, like the Google Play Store.
- Do not hand your phone over to someone you do not trust.
Acknowledgement: Motorola thanks Sergey Toshin and Illia Khorolskyi of Oversecured (ovesecured.com).
Product Impact: Motorola Phones