Vulnerability Description
Motorola Device Manager 2.4.5 contains an unquoted service path vulnerability in the PST Service that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted path in ForwardDaemon.exe to inject malicious code that will execute with elevated system privileges during service startup.
CVSS Score
HIGH
Related Weaknesses (CWE)
References
- https://www.exploit-db.com/exploits/49011
- https://www.exploit-db.com/exploits/49013
- https://www.filehorse.com/es/descargar-motorola-device-manager/
- https://www.vulncheck.com/advisories/motorola-device-manager-forwarddaemonexe-un
FAQ
What is CVE-2020-36981?
CVE-2020-36981 is a vulnerability with a CVSS score of 7.8 (HIGH). Motorola Device Manager 2.4.5 contains an unquoted service path vulnerability in the PST Service that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted path ...
How severe is CVE-2020-36981?
CVE-2020-36981 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-36981?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.