Skip to main content

Phones

1 CVEs product

Monthly

CVE-2026-5804 HIGH PATCH This Week

Authentication bypass in the Motorola Factory Test component (com.motorola.motocit) on Motorola phones lets a co-resident Android app abuse an exposed writable file descriptor in external storage to stand up a TCP server, harvest protected settings, and act with the factory-test app's elevated permissions. The flaw is locally exploitable by any installed third-party app with low privileges and carries CVSS 4.0 score 8.4 with high confidentiality and integrity impact. No public exploit identified at time of analysis and not listed in CISA KEV.

Authentication Bypass Phones
NVD
CVSS 4.0
8.4
EPSS
0.0%
EPSS 0% CVSS 8.4
HIGH PATCH This Week

Authentication bypass in the Motorola Factory Test component (com.motorola.motocit) on Motorola phones lets a co-resident Android app abuse an exposed writable file descriptor in external storage to stand up a TCP server, harvest protected settings, and act with the factory-test app's elevated permissions. The flaw is locally exploitable by any installed third-party app with low privileges and carries CVSS 4.0 score 8.4 with high confidentiality and integrity impact. No public exploit identified at time of analysis and not listed in CISA KEV.

Authentication Bypass Phones
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy