Lucene search

[email protected]CVE-2022-3917

HistoryDec 14, 2022 - 10:15 p.m.

CVE-2022-3917

2022-12-1422:15:11

CWE-200

[email protected]

web.nvd.nist.gov

cve-2022-3917

improper access control

motorola e20

security vulnerability

nvd

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

5.3 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Improper access control of bootloader function was discovered in Motorola Mobility Motorola e20 prior to version RONS31.267-38-8 allows attacker with local access to read partition or RAM data.

Affected configurations

NVD

Node

motorolamoto_e20Match-

AND

motorolamoto_e20_firmwareRange<rons31.267-38-8

CPENameOperatorVersion
motorola:moto_e20_firmwaremotorola moto e20 firmwareltrons31.267-38-8

CPE	Name	Operator	Version
motorola:moto_e20_firmware	motorola moto e20 firmware	lt	rons31.267-38-8

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Android"
    ],
    "product": "Moto e20",
    "vendor": "Motorola",
    "versions": [
      {
        "lessThan": "RONS31.267-38-8",
        "status": "affected",
        "version": "RON31.199-9",
        "versionType": "custom"
      }
    ]
  }
]

References

en-us.support.motorola.com/app/answers/detail/a_id/175333

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

5.3 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2022-3917

nvd1 prion1 cvelist1 pentestpartners1