Vendor
Motorola
Motorola, Inc. was an American multinational telecommunications company based in Schaumburg, Illinois. It was founded by brothers Paul and Joseph Galvin in 1928 as Galvin Manufacturing Corporation and was renamed Motorola in 1947. Many of Motorola's products had been radio-related communication equipment such as two-way radios, consumer walkie-talkies, cellular infrastructure, mobile phones, satellite communicators, pagers, as well as cable modems and semiconductors.
Founded 1928
Products
22
CVEs
30
Across products
36
Status
Private
Products
22- 3 CVEs
- 3 CVEs
- 3 CVEs
- 2 CVEs
- 2 CVEs
- 2 CVEs
- 2 CVEs
- 2 CVEs
- 2 CVEs
- 2 CVEs
- 2 CVEs
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
Recent CVEs
30| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2013-2596 | Hig | 0.56 | 7.8 | 0.03 | KEV | Apr 13, 2013 | Integer overflow in the fb_mmap function in drivers/video/fbmem.c in the Linux kernel before 3.8.9, as used in a certain Motorola build of Android 4.1.2 and other products, allows local users to create a read-write memory mapping for the entirety of kernel memory, and consequently gain privileges, via crafted /dev/graphics/fb0 mmap2 system calls, as demonstrated by the Motochopper pwn program. |
| CVE-2015-7936 | Hig | 0.49 | 7.5 | 0.00 | Dec 23, 2015 | Cross-site request forgery (CSRF) vulnerability in Motorola Solutions MOSCAD IP Gateway allows remote attackers to hijack the authentication of administrators for requests that modify a password. | |
| CVE-2015-7935 | Hig | 0.49 | 7.5 | 0.01 | Dec 23, 2015 | Motorola Solutions MOSCAD IP Gateway allows remote attackers to read arbitrary files via unspecified vectors. | |
| CVE-2017-9498 | Med | 0.36 | 5.5 | 0.00 | Jul 31, 2017 | The Comcast firmware on Motorola MX011ANM (firmware version MX011AN_2.9p6s1_PROD_sey) and Xfinity XR11-20 Voice Remote devices allows local users to upload arbitrary firmware images to an XR11 by leveraging root access. In other words, there is no protection mechanism involving digital signatures for the firmware. | |
| CVE-2017-9494 | Med | 0.34 | 5.3 | 0.00 | Jul 31, 2017 | The Comcast firmware on Motorola MX011ANM (firmware version MX011AN_2.9p6s1_PROD_sey) devices allows remote attackers to enable a Remote Web Inspector that is accessible from the public Internet. | |
| CVE-2017-9495 | Med | 0.30 | 4.6 | 0.00 | Jul 31, 2017 | The Comcast firmware on Motorola MX011ANM (firmware version MX011AN_2.9p6s1_PROD_sey) devices allows physically proximate attackers to read arbitrary files by pressing "EXIT, Down, Down, 2" on an RF4CE remote to reach the diagnostic display, and then launching a Remote Web Inspector script. | |
| CVE-2009-1394 | 0.07 | — | 0.49 | Jun 26, 2009 | Stack-based buffer overflow in Motorola Timbuktu Pro 8.6.5 on Windows allows remote attackers to execute arbitrary code by sending a long malformed string over the PlughNTCommand named pipe. | ||
| CVE-2004-1550 | 0.06 | — | 0.35 | Dec 31, 2004 | Motorola Wireless Router WR850G running firmware 4.03 allows remote attackers to bypass authentication, log on as an administrator, and obtain sensitive information by repeatedly making an HTTP request for ver.asp until an administrator logs on. | ||
| CVE-2006-5196 | 0.04 | — | 0.09 | Oct 10, 2006 | The HTTP interface in the Motorola SURFboard SB4200 Cable Modem allows remote attackers to cause a denial of service (device crash) via a request with MfcISAPICommand set to SecretProc and a long string in the Secret parameter. | ||
| CVE-2010-2307 | 0.03 | — | 0.03 | Jun 16, 2010 | Multiple directory traversal vulnerabilities in the web server for Motorola SURFBoard cable modem SBV6120E running firmware SBV6X2X-1.0.0.5-SCM-02-SHPC allow remote attackers to read arbitrary files via (1) "//" (multiple leading slash), (2) ../ (dot dot) sequences, and encoded dot dot sequences in a URL request. | ||
| CVE-2009-0393 | 0.03 | — | 0.00 | Feb 3, 2009 | Cross-site scripting (XSS) vulnerability in sysconf.cgi in Motorola Wimax modem CPEi300 allows remote authenticated users to inject arbitrary web script or HTML via the page parameter. | ||
| CVE-2009-0392 | 0.03 | — | 0.03 | Feb 3, 2009 | Directory traversal vulnerability in sysconf.cgi in Motorola Wimax modem CPEi300 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the page parameter. | ||
| CVE-2007-4220 | 0.03 | — | 0.04 | Aug 29, 2007 | Directory traversal vulnerability in Motorola Timbuktu Pro before 8.6.5 for Windows allows remote attackers to create or delete arbitrary files via a .. (dot dot) in a Send request, probably related to the (1) Send and (2) Exchange services. | ||
| CVE-2006-1367 | 0.03 | — | 0.05 | Mar 23, 2006 | The Motorola PEBL U6 08.83.76R, the Motorola V600, and possibly the Motorola E398 and other Motorola P2K-based phones does not require pairing for a connection related to the Headset Audio Gateway service, which allows user-assisted remote attackers to obtain AT level access and view phonebook entries and saved SMS messages by connecting on Bluetooth channel 3 and tricking the user into pressing Grant, aka a "Blueline" attack. NOTE: while user-assisted, the attack is made more feasible because of a GUI misrepresentation issue that allows a default message to be replaced by an attacker-specified one. | ||
| CVE-2008-2548 | 0.01 | — | 0.09 | Jun 4, 2008 | Stack-based buffer overflow in the JPEG thumbprint component in the EXIF parser on Motorola cell phones with RAZR firmware allows user-assisted remote attackers to execute arbitrary code via an MMS transmission of a malformed JPEG image, which triggers memory corruption. | ||
| CVE-2007-4221 | 0.01 | — | 0.17 | Aug 29, 2007 | Multiple buffer overflows in Motorola Timbuktu Pro before 8.6.5 for Windows allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via (1) a long user name and (2) certain malformed requests; and (3) allow remote Timbuktu servers to have an unknown impact via a malformed HELLO response, related to the Scanner component and possibly related to a malformed computer name. | ||
| CVE-2015-1496 | 0.00 | — | 0.00 | Feb 16, 2015 | Motorola Scanner SDK uses weak permissions for (1) CoreScanner.exe, (2) rsmdriverproviderservice.exe, and (3) ScannerService.exe, which allows local users to gain privileges via unspecified vectors. | ||
| CVE-2015-1495 | 0.00 | — | 0.04 | Feb 16, 2015 | Multiple stack-based buffer overflows in Motorola Scanner SDK allow remote attackers to execute arbitrary code via a crafted string to the Open method in (1) IOPOSScanner.ocx or (2) IOPOSScale.ocx. | ||
| CVE-2013-5933 | 0.00 | — | 0.00 | Sep 25, 2013 | Stack-based buffer overflow in the sub_E110 function in init in a certain configuration of Android 2.3.7 on the Motorola Defy XT phone for Republic Wireless allows local users to gain privileges or cause a denial of service (memory corruption) by writing a long string to the /dev/socket/init_runit socket that is inconsistent with a certain length value that was previously written to this socket. | ||
| CVE-2013-4777 | 0.00 | — | 0.00 | Sep 25, 2013 | A certain configuration of Android 2.3.7 on the Motorola Defy XT phone for Republic Wireless uses init to create a /dev/socket/init_runit socket that listens for shell commands, which allows local users to gain privileges by interacting with a LocalSocket object. |