Primary

Context

Motorola Device Manager Unquoted Service Path Vulnerability in MotoHelperService.exe

Vulnerability

A vulnerability exists in Motorola Device Manager version 2.5.4, specifically within the MotoHelperService.exe service, due to an unquoted service path. This flaw allows local users to potentially inject malicious code. Exploitation of the unquoted path can lead to the execution of arbitrary code with elevated system privileges when the service starts up.

Impact

Exploitation of this vulnerability could allow a local user to execute arbitrary code with elevated system privileges.

Reproduction

The vulnerability can be reproduced by creating a malicious executable and placing it in a directory that is not quoted in the service path. After rebooting the system, the executable will be executed with elevated privileges, allowing for code execution.

Added: Jan 27, 2026, 7:29 PM

Updated: Jan 27, 2026, 7:29 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

4.2

remediation

0.0

relevance

2.4

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

4.2

remediation

0.0

relevance

2.4

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Motorola Device Manager Unquoted Service Path Vulnerability in MotoHelperService.exe

Vulnerability

Impact

Reproduction

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating