CVE-2017-9498

MEDIUM

Motorola MX011ANM/XR11-20 - Local Privilege Escalation

Title source: llm

Description

The Comcast firmware on Motorola MX011ANM (firmware version MX011AN_2.9p6s1_PROD_sey) and Xfinity XR11-20 Voice Remote devices allows local users to upload arbitrary firmware images to an XR11 by leveraging root access. In other words, there is no protection mechanism involving digital signatures for the firmware.

References (1)

[Third Party Advisory] https://github.com/BastilleResearch/CableTap/blob/master/doc/advisories/bastille-42.remote-OTA.txt

View Writeup ZIP pw:eip

Scores

CVSS v3 5.5

EPSS 0.0002

EPSS Percentile 5.9%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Details

CWE

CWE-354

Status published

Products (3)

motorola/mx011anm_firmware

comcast/xfinity_xr11-20_firmware

n/a/n/a

Published Jul 31, 2017

Tracked Since Feb 18, 2026