cbcvebase.
CVE-2016-10277
published 2017-05-12

CVE-2016-10277: An elevation of privilege vulnerability in the Motorola bootloader could enable a local malicious application to execute arbitrary code within the context of…

PriorityP350high7.8CVSS 3.0
AVLACLPRNUIRSUCHIHAH
EXPLOIT
EPSS
9.46%
94.8th percentile
An elevation of privilege vulnerability in the Motorola bootloader could enable a local malicious application to execute arbitrary code within the context of the bootloader. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-33840490.

Affected

18 ranges
VendorProductVersion rangeFixed in
debiandebian_linux
debianlinux< linux 4.9.30-1 (bookworm)linux 4.9.30-1 (bookworm)
googleandroid
linuxlinux_kernel
linuxlinux_kernel
linuxlinux_kernel
linuxlinux_kernel>= 0 < 4.9.30-14.9.30-1
linuxlinux_kernel>= 0 < 4.9.30-14.9.30-1
linuxlinux_kernel>= 0 < 4.9.30-14.9.30-1
linuxlinux_kernel>= 0 < 4.9.30-14.9.30-1
linuxlinux_kernel>= 2.6.12 < 3.2.913.2.91
linuxlinux_kernel>= 3.11 < 3.16.463.16.46
linuxlinux_kernel>= 3.17 < 3.18.553.18.55
linuxlinux_kernel>= 3.19 < 4.1.414.1.41
linuxlinux_kernel>= 3.3 < 3.10.1063.10.106
linuxlinux_kernel>= 4.10 < 4.11.34.11.3
linuxlinux_kernel>= 4.2 < 4.4.704.4.70
linuxlinux_kernel>= 4.5 < 4.9.304.9.30

CVSS provenance

nvdv3.07.8HIGHCVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvdv2.09.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C
osv7.8HIGH
vendor_debian7.8LOW
vendor_redhat7.8HIGH
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.