Motorola Framework Implicit Intent Vulnerability
Motorola Security Advisory: MML-2023-51023
Scope of Impact: Motorola Framework
Potential Impact: Information Disclosure
Severity: Low
CVE Identifier: CVE-2024-3480
Summary Description:
Scope of Impact: Motorola Framework
Potential Impact: Information Disclosure
Severity: Low
CVE Identifier: CVE-2024-3480
Summary Description:
Security Researchers at Oversecured discovered and reported an implicit intent vulnerability in the Motorola Framework that could allow a local attacker to read telephony-related data.
Motorola has provided a fix for this vulnerability in software images with an SPL of 2023-09-01 or larger.
Mitigation Strategy for Customers (what you should do to protect yourself):
- Update your Motorola phone to the latest software version. Software versions with a Security Patch Level of 2023-09-01 or later includes a fix for this vulnerability.
- Download apps only from authorized sources, like the Google Play Store.
- Do not hand your phone over to someone you do not trust.
Acknowledgement: Motorola thanks Sergey Toshin and Illia Khorolskyi of Oversecured (ovesecured.com).
Product Impact: Motorola Phones